Microsoft Announces Patch For More Security Holes
Today, Microsoft announced patches for several product vulnerabilities. Below is information on the vulnerabilities that Symantec rates as most critical. Many of the vulnerabilities pose serious risks to users, which could include loss of confidential data and the ability to create new accounts.
Symantec strongly advises users to install all security patches as soon as possible. In addition, users and network administrators should be keeping all antivirus definitions up-to-date and using appropriate firewall settings.
“Applying the security patches for these vulnerabilities is critical,” said Oliver Friedrichs, senior manager, Symantec Security Response.
“In the latest Internet Security Threat Report released on September 20, Symantec reported that the time to patch vulnerable systems is very short. Between Jan. 1 and June 30, 2004, the average time between then announcement of a vulnerability and the appearance of associated exploit code was 5.8 days.”
Symantec Security Response has also increased the DeepSight ThreatCon from a level one to a level two.
Information regarding all of the patches issued today by Microsoft can be found at http://www.microsoft.com/technet/security/bulletin/ms04-oct.mspx.