18 Patches Available

Five Microsoft vulnerabilities deemed critical

Martin Garvey, Contributor

April 15, 2005

1 Min Read
InformationWeek logo in a gray background | InformationWeek

Microsoft Patch Tuesday came around again last week. For Peter Wallace, IT director at the American Automobile Association Reading-Berks office in Pennsylvania, it meant patching the five vulnerabilities deemed critical out of the 18 identified. The five affected Exchange Server, Internet Explorer, Microsoft Word, MSN Messenger, and the TCP/IP communication protocol. Among the risks are denial-of-service and remote-code-execution attacks.

The Explorer vulnerability alarmed Wallace the most. "That one could shut down Internet access and crash our machines," says Wallace, who personally approves all the patches the office implements before testing them.

Companies should look at factors such as the extent a system could be compromised, says Pete Lindstrom, founder of analyst firm Spire Security. "It's a question mark whether a vulnerability will lead to an attack," he says, "and we're spending a lot of time installing patches we might not need." But you can never be too prepared. "The challenge is that a couple of these vulnerabilities have proof-of-concept code out there. Such code lowers the bar for those who can infiltrate the system, like script kiddies."

Read more about:

20052005

About the Author

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights