Results 1 to 6 of 6

Thread: MS Emergency security update released

  1. #1
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default MS Emergency security update released

    Mod's I know this is a BackTrack Linux forum but this look like a very big exploit that been around un-patched for quite some time.


    This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

    Microsoft is scheduled to release a security bulletin (out-of-band) to address a vulnerability in all currently supported versions of Windows. The bulletin is scheduled for release at approximately 10 A.M. Pacific Time on Thursday, October 23, 2008.

    This security update will be released outside of the usual monthly security bulletin release cycle in an effort to protect customers. Microsoft recommends customers prepare their systems and networks to apply this security bulletin immediately once released to help ensure that their computers are protected from attempted criminal attacks. For more information about security updates, visit http://www.microsoft.com/protect.

    The purpose of this notification is to assist customers with resource planning for this security bulletin release. The information offered in this notification is purposely general in nature to provide enough information for customers to plan for deployment without disclosing vulnerability details or other information that could put them at risk.

    Anyone believed to have been affected can visit: http://www.microsoft.com/protect/support/default.mspx and should contact the national law enforcement agency in their country. Those in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at (866) PC SAFETY. Additionally, customers in the United States should contact their local FBI office or report their situation at: www.ic3.gov.

    Microsoft continues to encourage customers to follow the “Protect Your Computer” guidance of enabling a firewall, applying all software updates, and installing anti-virus and anti-spyware software. Additional information can be found at: http://ww.microsoft.com/protect.

    NEW BULLETIN SUMMARY

    Bulletin Identifier Windows Bulletin
    Maximum Severity Rating Critical
    Impact of Vulnerability Remote Code Execution
    Detection Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
    Restart Requirement The update requires a restart.
    Affected Software Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008


    The full version of the Microsoft Security Bulletin Advance Notification for this month can be found here: http://www.microsoft.com/technet/sec.../ms08-oct.mspx.

    Although we do not anticipate any changes, the information provided in this summary is subject to change until the release. At this time, no additional information on this bulletin such as details regarding severity or details regarding the vulnerability will be made available until the bulletin is published.

  2. #2
    Senior Member Shatter's Avatar
    Join Date
    Jan 2010
    Posts
    192

    Default

    Hmm, most disturbing news. What scares me most is that these kind of things go unpatched for a long while.
    I have the card in me head, but you have the memory problems?

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Default

    It's not a big deal. It only lets people run arbitrary code on anything running the server service. Oh wait.... what!?!?!?

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by dudeman02379 View Post
    It's not a big deal. It only lets people run arbitrary code on anything running the server service. Oh wait.... what!?!?!?
    I took pre-emptive measures to protect my machines before the patch was released. I stopped the server service on all my machines.

    I'm guessing it worked because I haven't gotten any emails about things not working..
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    took pre-emptive measures to protect my machines before the patch was released. I stopped the server service on all my machines.
    What did you do to stop that attack?
    Thanks

  6. #6
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by compaq View Post
    What did you do to stop that attack?
    Thanks
    I was making a joke. If you stop the server service, lots of things stop working on the server.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •