Thursday, October 23, 2008

Windows: Vulnerability MS08-067

I don't normally beat the dead horse with Windows patch news, but this one is bad. Microsoft released an out-of-band patch this morning with MS08-067.

This vulnerability affects all currently shipping Windows versions, and worm-style propagation is a very real likelihood. Windows 2000 and XP pre-SP2 are highly vulnerable, and some XP SP2+ and Windows Server 2003 systems are exploitable under certain common/popular firewall conditions.

Vista and Server 2008 appear to be exploitable, but only in terms of a DDoS-type attack. Remote code execution has not yet been shown on a Vista system.

As of 12:30 PM Pacific Time, Microsoft reports attacks in the wild. This could be the next Blaster/Sasser-type attack, so get patching!
