DHS Recommends Security Patch For Windows Operating Systems

WASHINGTON – The Department of Homeland Security (DHS) is recommending that Windows operating systems users apply Microsoft security patch MS06-040 as quickly as possible. 

This security patch is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an affected system and install programs, view, change, or delete data, and create new accounts with full user rights.

Windows operating systems users are encouraged to avoid delay in applying this security patch. Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch. This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users.

Users can apply the Microsoft MS06-040 security patch at http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx.  Home users may prefer to go to Windows Update at http://update.microsoft.com and select “express” to install critical security updates, including the MS06-040 security patch.

The Department’s U.S. Computer Emergency Readiness Team (US-CERT) continues to work closely with Microsoft to minimize any impact from this vulnerability.  US-CERT has issued an alert through the National Cyber Alert System and conducted a series of briefings with federal Chief Information Officers and Chief Information Security Officers, and critical infrastructure sectors through Information Sharing and Analysis Centers.  Additionally, all federal agencies are required to provide US-CERT with regular updates on their patching status.

DHS recommends that computer users and administrators implement the following preparedness measures to protect themselves against this vulnerability, and also from future vulnerabilities, worms, and viruses:

  • Keep up-to-date on security patches and fixes for your operating system.  The easiest way to do this is to set your system to receive automatic updates, which will ensure you automatically receive security updates issued by Microsoft.  If your system does not allow automatic updates, we recommend that you manually install the Microsoft security patch today through Microsoft Update at http://update.microsoft.com/microsoftupdate
  • Install anti-virus and anti-spy ware software and keep them up-to-date
  • Enable a firewall which will help block attacks before they can get into your computer
  • Do not open E-mails from unknown sources and do not open or execute email attachments that you are not expecting even if they come from a known and trusted source.

To access the alerts for this vulnerability and for additional information on cyber security tips and practices please visit at www.us-cert.gov.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo