funsec mailing list archives
Re: Microsoft to rush out emergency Windows patch today
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Thu, 23 Oct 2008 19:03:52 -0400
-Block TCP ports 139 and 445 at the firewall
This is critical, but note that any firewall not written by a complete idiot will block these ports. So as a practical matter a very large percentage of users are effectively protected by their router firewall and/or by Windows Firewall or a 3rd party product.

If you have File and Print sharing on you are exposed, but only to people on the local subnet who you have given rights to. So there's still an issue, for example, with the dumb-ass roaming user who gets infected in a hotel and brings it back to the company LAN where he infects the Win2K3 server. BTW, Vista and 2008 are vulnerable, but only to authenticated users, so the same roaming infected idiot scenario applies I guess, because he might be authenticated locally.

So it's serious, about as serious a bug as we've seen from Microsoft in at least 2 or 3 years, but it's no Blaster. People are largely better protected now in spite of themselves.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Juha-Matti Laurio
Sent: Thursday, October 23, 2008 4:57 PM
To: funsec () linuxbox org
Subject: Re: [funsec] Microsoft to rush out emergency Windows patch today

And it is
http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

Recommended workarounds:
-Disable the Server and Computer Browser services
-Block TCP ports 139 and 445 at the firewall

Go and patch ASAP this RPC vulnerability, folks.

Juha-Matti

Juha-Matti Laurio [juha-matti.laurio () netti fi] wrote:
"Microsoft will rush out an emergency security patch for Windows users
on Thursday.
The company offered few details on why it was releasing the software
update, which is rated critical for users of Windows 2000, Windows XP, and Windows Server 2003.
A critical flaw is worrisome, however, because it can be exploited by
online attackers to seize control of the PC.
The update will be released at 10:00 am, Pacific time, said Microsoft
spokesman Christopher Budd in a blog posting published late Wednesday.
The flaw is considered to be a less serious risk for users of the
Windows Vista and Server 2008 operating systems Microsoft said in an advisory on the issue."
--clip-- More at
http://www.pcworld.com/businesscenter/article/152665/microsoft_to_rush_out_emergency_windows_patch.html
Reference: http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx (has replaced the Oct summary page :-( btw)
Upcoming webcast:
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032393978&EventCategory=4&culture=en-US&CountryCode=US
According to PC World "[Mr. Dragos] Ruiu said that presenters at Microsoft's recent Blue Hat
internal security conference told him that they'd discovered some serious Windows bugs using security testing tools and that the update could fix one of these issues. "It might have wide reaching impact, or might be used easily for significant malicious hijinks," he said."
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.