Microsoft has distributed two security patches to address vulnerabilities in Windows.
One patch is described as "critical" by Microsoft, whilst the other is regarded as "important" by the firm. The patches are part of the company's monthly scheduled patching cycle.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Alan Bentley, VP of Lumension Security EMEA, said, "At first glance, it seems IT managers have got off lightly this month. However, it is not the quantity of patches that is important this month."
"The vulnerability is at the kernel level and if exploited, a hacker could take complete control of a machine."
Bentley said a hacker looking to exploit this vulnerability could interfere with video or audio streams such as IP-based teleconferencing or streaming media.
To eradicate the immediate threat, organisations should block IP multicasting at the perimeter firewall and the Vista firewall (which is not an option in XP), while testing and rolling out the patch as soon as possible, he said.
"IT administrators cannot ignore MS08-002 either. Whilst it addresses a less severe vulnerability in the Microsoft Windows Local Security Authority Subsystem Service (LSASS), if it is exploited a hacker could elevate privileges on the affected machine and take complete control of a system," said Bentley.