11 September 2007
More Microsoft security holes highlight need for Network Access Control
NAC helps firms defend against unpatched PCs being exploited by hackers

IT administrators can enforce policies over unsecured computers accessing their network with Sophos NAC 3.0.
IT security and control firm Sophos is advising companies to consider the benefits of Network Access Control (NAC) to ensure that computers are adhering to corporate IT security policy, in light of a number of new security patches being issued today by Microsoft.
As part of its monthly "Patch Tuesday" schedule, Microsoft is issuing four new bulletins (one of them described as "critical") outlining a number of different security vulnerabilities in its products, including its Windows 2000 operating system and Windows Live Messenger.
All organizations should roll out these patches as a matter of urgency, as some of them could enable hackers to access data on a vulnerable PC or run malicious code. However, many firms could still be at risk if they allow guests, business partners or customers to bring unpatched machines into the company and connect to the network.
Furthermore, Sophos experts note that a large number of companies face an ongoing struggle to ensure that all internal devices are successfully patched against emerging vulnerabilities. This is because some machines may be incorrectly configured to receive updates, while others may not be connected to the network at the time of the roll-out.
"Installing the latest Microsoft security patches may sound straightforward, but for a lot of companies it's easier said than done, particularly if you have a regular stream of visitors connecting to your network," said Graham Cluley, senior technology consultant at Sophos. "It doesn't matter whether it's an employee's desktop PC or a customer's laptop - an unpatched machine represents a possible avenue for a cyberattack."
"Network Access Control can help prevent this from becoming a reality by giving businesses the ability to control who and what is connecting to a network," continued Cluley. "If a machine hasn't had the correct patches installed, you can prevent it from causing any harm to the rest of your organisation by blocking its access to the network, or quarantining the machine until it conforms with company IT policy."
Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for Microsoft security vulnerabilities.
Sophos suggests that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, spyware, hackers, and spam.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

