Good Friday evening all (for those in the western hemisphere).
Microsoft posted a blog entry this afernoon containing information about their assessment of recent reports of a vulnerability which was not addressed in MS06-035. It appears that the current proof of concept is limited to a denial of service attack and is not currently being observed as an attack vector. Microsoft reports that they have not identified any possibilities that the issue could allow remote code execution.
We recommend that you assess your particular situation. Blocking ports 135-139, 445 is already a best practice. Whitelist IPs that may need these ports, but remember to limit your exposure from your road warrior/home office users. We expect that Microsoft will release a patch on August 8 to address this current threat.
For more information, please see http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx.
Jul 28th 2006
1 decade ago