Microsoft has released an out-of-band patch » Computer internet security  
Computer and internet security news
computer and networking security portal
 
|
|
|
News
|
Advertise
|
|
Products
|
Contact

Microsoft has released an out-of-band patch



Thursday, October 23, 2008, 21:18
This news item was posted in Microsoft security category and has 0 Comments so far.

Microsoft has released an out-of-band patch to fix an extremely critical worm hole that exposes Windows users to remote code execution attacks.

The emergency update comes just one week after the regularly scheduled Patch Tuesday and follows the discovery of a targeted zero-day attack, Microsoft said in an advisory.   The vulnerability is rated “critical” on Windows 2000, Windows XP and Windows Server 2003.

Microsoft said it was aware of “limited, targeted attacks attempting to exploit the vulnerability” but the company did not provide any clues about the origin of the attacks or the target that was hit.    There are no signs yet of public proof-of-concept code.

  • The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.
  • Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

The vulnerable Windows Server service provides RPC support, file and print support, and named pipe sharing over the network. It is also used to allow the sharing of your local resources (such as disks and printers) so that other users on the network can access them.

Related posts:

  1. Microsoft confirmed the new sql security threat
  2. Microsoft Corp issued a zero day attack advisory
  3. Microsoft to release out-of-cycle patch for .ANI vulnerability
  4. Microsoft is warning customers about a zero-day flaw
  5. Server DNS vulnerability attacks
  6. Websites feast on Windows flaw

Related posts brought to you by Yet Another Related Posts Plugin.






You can leave a response, or trackback from your own site.

Leave a Reply





:::: Recent entries


 
Join My Community at MyBloglog!



My BlogCatalog BlogRank

Computers Blogs - Blog Top Sites