IT staff await critical security update from Microsoft

Graham Cluley
@gcluley

IT system administrators are being warned today about a critical security vulnerability in versions of Windows, which could allow hackers to install malicious code (such as a worm) without user intervention.

According to Microsoft versions of its Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 operating system are affected by the bug – which is anticipated to be fixed by an emergency patch to be released at 10am PST (6pm UK time) today.

More information can be found in Microsoft’s advance notice at www.microsoft.com/technet/security/bulletin/ms08-oct.mspx

Microsoft normally bundles its security updates into a monthly package, known in the industry as “Patch Tuesday”, and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. This may indicate that Microsoft…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.