MS08-067 - Critical Microsoft Vulnerability

Windows Security : MS08-067 - Critical Microsoft Vulnerability - Update Now !

Posted by Max on 2008/10/25 11:28:42 (1516 reads)

A new critical Windows vulnerability has been discovered and Microsoft is acknowledging it's criticality by releasing an out-of band patch before the regular Windows update batch due Nov. 11. This security update resolves a privately reported vulnerability in the Windows Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request.

In Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.

The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.

Recommendation
Microsoft recommends that customers apply the update immediately.
Frequently Asked Questions (FAQ) Related to This Security Update:

Where are the file information details?
The file information details can be found in Microsoft Knowledge Base Article 958644.
Is the Windows 7 Pre-Beta release affected by this vulnerability?
Yes. This vulnerability was reported after the release of Windows 7 Pre-Beta. Customers running Windows 7 Pre-Beta are encouraged to download and apply the update to their systems. On Windows 7 Pre-Beta systems, the vulnerable code path is only accessible to authenticated users. This vulnerability is not liable to be triggered if the attacker is not authenticated, and therefore would be rated Important.
Download the updates for your home computer or laptop from the Microsoft Update Web site now.

If you want to stay ahead of the threat and prevent future security incidents , consider using a comprehensive security solution like
Norton 360 Version 2 - All-In-One-Security! Click Here

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.