Sophos takes rare step of citing Microsoft flaw as a must-fix

Sophos generally steers clear of pointing to a single patch from Microsoft’s Patch Tuesday, but is breaking its own rule this month by highlighting one it says can prevent a world of hurt.

The patch – MS15-034 – addresses a bug that could allow remote-code execution on a victim machine, and that can be exploited via any application using Microsoft’s http stack, according to the Sophos Naked Security blog.

To read this article in full or to leave a comment, please click here

Network World Tim Greene