alert


Latest Postings

October 23 2008

Microsoft Alert – Critical Product Vulnerability – October 23, 2008 Microsoft Security Bulletin Release (Out of Band)

Microsoft just released an alert to provide you with an overview of the new security bulletin released (out of band) on Thursday, October 23, 2008. Microsoft has released security bulletin MS08-067, Vulnerability in Server Service Could Allow Remote Code Execution (958644), to address a vulnerability in all currently supported versions of Windows. This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers. We request that you take action immediately by first assessing and preparing your own systems and networks and applying the security update, then reaching out to your customers to assist them in securing their systems and networks by applying the update.

 

Details about this security update are below, but here are your key resources:

 

·         The full bulletin for MS08-067 is available at http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

·         We recommend that you use the Microsoft TechNet Security TechCenter as a source of security information: http://technet.microsoft.com/security

 

Summary

 

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.

 

Recommendations

 

Microsoft recommends that you assess your systems and networks and apply this security update to secure your systems and networks and to help ensure that your computers are protected from attempted criminal attacks.

 

New Security Bulletin Technical Details

 

Identifier

MS08-067

Severity Rating

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.

Affected Software

All currently supported versions of Windows

Restart Requirement

The update requires a restart.

Removal Information

·         For Windows 2000, Windows XP, Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility

·         For Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

MS06-040 is superseded on these operating systems: Windows 2000 SP4, Windows XP SP2, Windows XP X64, Windows Server 2003 SP1, Windows Server 2003 X64, Windows Server 2003 SP1 for Itanium-based Systems.

Full Details:

http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

 

 

Regarding Information Consistency

 

We recommend that our customers use the Microsoft TechNet Security TechCenter as a key source of security information: http://technet.microsoft.com/security, and that you sign up for comprehensive alerts at http://www.microsoft.com/technet/security/bulletin/notify.mspx.  We strive to provide you with accurate information in static and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative. 

 

ISInc Support Options

If you are interested in ISInc support to keep your networks up to date, please contact us at 916-920-1700 to hear about our Managed Services options.