Thursday, October 23, 2008 12:37 PM
cmosby
Microsoft out-of-band patch - Severity Critical - UPDATE
digg_url = 'http://isc.sans.org/diary.html?storyid=5227&rss';
digg_title = 'Microsoft out-of-band patch - Severity Critical';
digg_skin='compact';
digg_topic = 'security';
Updated:
As reported earlier this morning, Microsoft released a critical update today for Windows Operating System. The update addresses a vulnerability with RPC calls which can be referenced from SMB connections. As most of you remember, worms such as Blaster and its kin were able to propagate through RPC/DCOM vulnerabilities and is in a very similar area of code. Microsoft has detected limited, targeted attacks exploiting this flaw in the wild. It is expected that with the release of the update, much more of the hacker community will become aware of how to exploit this and create a major worm outbreak.
More information is available at www.microsoft.com/technet/security/Bulletin/ms08-067.mspx
Original Post: 2008-10-23 12:16:16 UTC
Microsoft has just released an advance notification of an out-of-band update to be released on 23rd of October. They will hold a special webcast on the 23rd at 1:00 pm PT to discuss the release. The patch will be released at 10.00 am.
The information in the bulletin mentions a remote code exploit, but no further details are provided, however a restart will be required.
Microsoft rates the issue as critical for 2000/XP/2003 and important for vista/2008.
If we get more information we'll update this diary.
Mark
ps thanks to some very fast ISC supporters for letting us know.