Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Microsoft out-of-band patch - Severity Critical - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft out-of-band patch - Severity Critical

Updated:


As reported earlier this morning, Microsoft released a critical update today for Windows Operating System.  The update addresses a vulnerability with RPC calls which can be referenced from SMB connections.  As most of you remember, worms such as Blaster and its kin were able to propagate through RPC/DCOM vulnerabilities and is in a very similar area of code.  Microsoft has detected limited, targeted attacks exploiting this flaw in the wild.  It is expected that with the release of the update, much more of the hacker community will become aware of how to exploit this and create a major worm outbreak.
 

More information is available at  www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

 

 

Original Post: 2008-10-23 12:16:16 UTC

Microsoft has just released an advance notification of an out-of-band update to be released on 23rd of October.  They will hold a special webcast on the 23rd at 1:00 pm PT  to discuss the release.  The patch will be released at 10.00 am.

The information in the bulletin mentions a remote code exploit, but no further details are provided, however a restart will be required.

Microsoft rates the issue as critical for 2000/XP/2003 and important for vista/2008.

If we get more information we'll update this diary.

Mark

ps thanks to some very fast ISC supporters for letting us know.

 

Mark

391 Posts
ISC Handler
Does an exploit of this magnitude perhaps warrant an increased threat level? Or would that come when wild exploitation grows?
Anonymous

Sign Up for Free or Log In to start participating in the conversation!