April 2004 Sets Record for the Number of Security Alerts in One Month
The Race Is on for IT Departments to Install Updates Before the Hackers Strike
TUSTIN, Calif.--(BUSINESS WIRE)--April 27, 2004--
Threat Focus Inc. announced today that with three days left in the month, April 2004 has already broken the record for the most security alerts sent in a single month. The previous record was set in September 2003. Threat Focus monitors vulnerability alerts and patches for over 1,600 software and operating system products and alerts Threat Focus subscribers to issues that may impact their IT infrastructure.
The month of April has seen major security alerts from Microsoft, Cisco, Sun and several other large network and computer system vendors. "It's safe to say that almost every company has been affected by the security holes announced in April," said Kevin Nelson, vice president of Business Development at Threat Focus. "The malware writers always introduce new versions designed specifically to exploit new vulnerabilities and patches, so it's critical for companies to update their vulnerable systems before the new viruses and worms become widespread."
So far in April, Microsoft has issued eight new or updated security announcements rated critical or important, meaning that the vulnerabilities could allow an attacker to gain unauthorized access or in some cases completely take over a user's computer. These eight specific alerts fix security holes in all major versions of Microsoft Windows, Microsoft Exchange, and SQL Server, plus major sub-systems such as ASN.1 (the library that underlies many communications protocols), RPC DCOM (previously exploited by the MS Blast worm), the Jet database engine used by Access, Visual Basic, and multitudes of third-party applications and other critical libraries used in domain authentication and the Microsoft SSL library.
In addition to the eight Microsoft advisories, in the month of April, Threat Focus has issued:
-- 7 notifications of new vulnerabilities or patches for Cisco routers and firewalls.
-- 4 notifications for Sun products.
-- 4 critical CERT advisories.
-- Numerous security notifications for all the major Linux distributions.
The weekly record was set from April 11 to April 17, 2004, when the average Threat Focus subscriber received more than 10 security alerts. Some corporate subscribers received more than 40 alerts in that week, also a record. These numbers are more than three times the average number of security notifications sent during a typical week.
"The reality is that to keep their networks secure, IT managers must continuously deal with multiple new issues and threats," Nelson said. "With Threat Focus, they receive new vulnerabilities and patches notifications for just the products they've specified for their IT infrastructure, ensuring that they don't miss any important alerts, and they don't have to spend their own time looking for new, relevant security alerts by monitoring unfiltered mailing lists, Web forums, IRC, or searching vendor Web sites."
About Threat Focus Inc.
Threat Focus is a leading supplier of affordable IT security intelligence, providing automated, external vulnerability assessments and customized 24/7 vulnerability and patch alerts for more than 1,600 products, giving IT and network managers the real-time security information they need to protect their critical business systems and network assets. Threat Focus has headquarters in Tustin. For more information, please visit www.threatfocus.com or call 949-271-9170.
Contacts
TBPR for Threat Focus Inc.
Teri Bruno, 714-356-8407
teribruno@aol.com
[ Comment, Edit or Article Submission ]
