Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: bill
I guess many crackers will try to reverse engineer the patch the moment it is released and that evil code may soon be used. So we'd probably all better apply the patch asap...
The current advice is install them ASAP.
MS hasn't released a patch out of its scheduled Patch Tuersday cycle in a year and a half. This looks quite serious.
Microsoft Security Bulletin MS08-067 – Critical [microsoft.com]
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
Sometimes you have to wonder what MS programmers do all day. This problem has existed since at least Windows 2000, and I rather suspect it's a design fault not a coding error!
New worm feeds on latest Microsoft bug [nytimes.com]
One day after Microsoft issued a rare emergency Windows security patch, the bad guys have a few new ways to take advantage of the bug.
By Friday, security researchers had identified a new worm, called Gimmiv, which exploited the vulnerability, and a hacker had posted an early sample of code that could be used to exploit the flaw on the Web.
Microsoft issued the patch more than two weeks ahead of its next security updates because the bug could be used to create an Internet worm attack and Microsoft had already seen a small number of attacks that exploited the flaw.
This vulnerability lies in the Windows Server service used to connect with other devices on networks. Although the firewall software that ships with Windows will block the worm from spreading, security experts are worried that the flaw could be used to spread infections between machines on a local area network, which are not typically protected by firewalls.