TechnologyAccounting SoftwareWindows flaw sparks panic.

Windows flaw sparks panic.

Finance departments and small companies should brace themselves for the financial implications of a devastating flaw discovered in Microsoft's key operating systems. The flaw is so severe that the US department of homeland security has issued two warnings.

The initial alarm was raised by Microsoft on 16 July, which was followed up by a statement from the DHS eight days later. It warned Microsoft users to implement the patch, available from the company’s website, as soon as possible.

Late last week, the DHS took the unprecedented measure of issuing a second statement in reaction to the emergence of a dangerous code that exploits the vulnerability. It claims to have picked up a huge increase in the number of hackers scanning the internet for vulnerable systems.

‘Two factors are causing heightened interest in this situation: the affected operating systems are in widespread use, and exploitation of the vulnerability could permit the execution of arbitrary code (technology used by hackers to take advantage of vulnerable systems),’ the DHS said in a statement.

‘DHS and Microsoft are concerned that a properly written exploit could rapidly spread on the internet as a worm or virus in a fashion similar to Code Red or Slammer.’

Essentially, the vulnerability allows malicious attackers to gain control of systems to steal files, emails and personal information. It can also be used to launch attacks across the internet.

Reports into the financial implications of the Code Red virus from early 2001 concluded that it had cost businesses more than $2bn to clean up infected systems in the aftermath of the virus’s strike. But IT departments seem not to have learnt from the experience, which has forced the DHS to issue such a stark warning.

‘It is very important to patch this up as quickly as possible,’ said Graham Titterington, senior analyst at Ovum. ‘This flaw isn’t as immediately accessible as the problem that led to the Code Red situation since it deals more with internal than external communication. Nevertheless it can be used in that way and the fact that it’s so widespread is a major cause for concern.’

Some commentators believe IT departments have been so slow to update their systems with the Microsoft fix because the Redmond giant issues patches so frequently they are sometimes overlooked. The Windows systems affected include NT 4.0; NT 4.0 Terminal Services Edition; 2000; XP and Server 2003.

– Additional reporting by David Rae

Related Articles

5 key tech innovations helping accountants transform their businesses

Accounting Software 5 key tech innovations helping accountants transform their businesses

3w Heather Darnell, Founder of Ask the BOSS
Finance and the tech foundation: what’s needed to deliver impactful business insights?

Accounting Software Finance and the tech foundation: what’s needed to deliver impactful business insights?

3m Workday | Sponsored
Best accounting software for businesses in the UK

Accounting Software Best accounting software for businesses in the UK

3m Accountancy Age, Reporters
Making sense of enterprise tech concepts for finance teams

Accounting Software Making sense of enterprise tech concepts for finance teams

4m Workday | Sponsored
Open Banking: what you need to know

Accounting Software Open Banking: what you need to know

4m Edward Berks, Xero
Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

6m Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

10m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

10m Alia Shoaib, Reporter