Security-Alerts mailing list archive (firstname.lastname@example.org)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] ALERT! out-of-band patch from Microsoft
* Microsoft out-of-band patch - Severity Critical
Last Updated: 2008-10-23 20:58:46 UTC
by Mark Hofman (Version: 3)
Some further details are available at the SWI blog in relation to the impact of
the netapi32.dll vulnerability.
Christopher at the MSRC blog posted a short while ago more information. There
is much more discussion of the inner workings of the discovery and Microsoft's
response to this critical vulnerability. Read it at
As reported earlier today, Microsoft released a critical update today for
Windows Operating System. The update addresses a vulnerability with RPC calls
which can be referenced from SMB connections. As most of you remember, worms
such as Blaster and its kin were able to propagate through RPC/DCOM
vulnerabilities and is in a very similar area of code. Microsoft has detected
limited, targeted attacks exploiting this flaw in the wild. It is expected
that with the release of the update, much more of the hacker community will
become aware of how to exploit this and create a major worm outbreak or botnet
On our initial reviewed of the information available from Microsoft, we believe
that client computers need to be updated with all due haste. Windows 2000, XP,
and Server 2003 are listed as critical. Windows Vista and Server 2008 is only
listed as important due to the additional security features with these newer
More information is available at
Original Post: 2008-10-23 12:16:16 UTC
Microsoft has just released an advance notification of an out-of-band update to
be released on 23rd of October. They will hold a special webcast on the 23rd
at 1:00 pm PT to discuss the release. The patch will be released at 10.00 am.
The information in the bulletin mentions a remote code exploit, but no further
details are provided, however a restart will be required.
Microsoft rates the issue as critical for 2000/XP/2003 and important for
If we get more information we'll update this diary.
ps thanks to some very fast ISC supporters for letting us know.