Microsoft has released an emergency patch for a security problem which could result in a remote code execution and subsequent compromise of Windows computers. It is all the more serious because no user interaction is required in order for a vulnerable machine to succumb.
Closely related to this is the greater worry that hackers will write a computer worm -- a self-propagating computer virus which could rampage uncontrollably across the Internet.
As such, Microsoft took the rare step of stepping outside its monthly Patch Tuesday routine to issues an out-of-order patch. Indeed, the last time such an incident happened was in April 2007. The Security Bulletin describing this vulnerability is called MS08-067, and you can read more about it here. This vulnerability is a critical one for Windows XP, though it also affects Windows Vista on certain levels.
Whatever Windows operating system you use, you will not go wrong to ensure that your computers are properly patched; for that, Susan Bradley over at Windows Secret has a comprehensive list of download links and some instructions to help you along.
Moving ahead, it will definitely serve your company well to appoint an IT staffer to be in charge of ensuring that all security updates and patches are up-to-date. Let's call this role the Security Administrator.
For an SMB, limited number of staffers might necessitate that the selected Security Administrator will have to wear multiple hats. To encourage greater diligence and ensure that this role does not end up playing second fiddle to other tasks, might want to consider awarding a special monetary allowance to the Security Administrator.
What do you think? Do you have any other suggestions or tips you would like to share pertaining to the role of a Security Administrator?