Friday, October 24, 2008

Microsoft Emergency Security Fix

This is something we haven't heard about for a while and that came out of the blue. It's a vulnerability in a bunch of Windows systems that can be remotely exploited with a specially crafted RPC call.

What scared security researchers is that this could be exploited in a type of attack like the old Blaster worm of a few years back. These types of worms have been out of fashion lately as hackers have been targeting banking and e-commerce sites with phishing and other more targeted attacks.

This one even hit CERT. The original Microsoft bulletin for MS08-067 was followed with more details by posts on its MSRC and SVRD blogs.

The Windows versions affected are Windows 2000, Windows XP, Windows 2003 and, to a lesser extent, Windows Server 2008 and Windows Vista, according to Security Focus.

This one also made the rounds on the web sites of Symantec and Websense.


Post a Comment

<< Home