Lexa Software: Security-Alerts@yandex-team.ru archive

		Apache-Talk @lexa.ru
		Inet-Admins @info.east.ru
		Filmscanners @halftone.co.uk
		Security-alerts @yandex-team.ru
		nginx-ru @sysoev.ru

СТАТЬИ

ПЕРСОНАЛЬНОЕ

ПРОГРАММЫ

ПИШИТЕ
ПИСЬМА

АРХИВ :: Security-alerts

Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] ALERT! out-of-band patch from Microsoft

To: "'security-alerts@xxxxxxxxxxxxxx'" <security-alerts@xxxxxxxxxxxxxx>
Subject: [security-alerts] ALERT! out-of-band patch from Microsoft
From: "Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>
Date: Fri, 24 Oct 2008 12:28:40 +0400
Accept-language: ru-RU, en-US
Acceptlanguage: ru-RU, en-US
Content-language: ru-RU
List-archive: <http://www.lexa.ru/security-alerts/> (Web Archive)
List-id: <security-alerts.yandex-team.ru>
List-subscribe: <mailto:majordomo@yandex-team.ru?body=subscribe%20security-alerts>
List-unsubscribe: <mailto:majordomo@yandex-team.ru?body=unsubscribe%20security-alerts>
Thread-index: Ack1soT7NiPxyo9OSqeSDRv44vTRMA==
Thread-topic: ALERT! out-of-band patch from Microsoft

http://isc.sans.org/diary.html?storyid=5227

* Microsoft out-of-band patch - Severity Critical
Published: 2008-10-23,
Last Updated: 2008-10-23 20:58:46 UTC
by Mark Hofman (Version: 3)
1 comment(s)

Update #4:

Some further details are available at the SWI blog in relation to the impact of 
the netapi32.dll vulnerability.



Updated #3:

Christopher at the MSRC blog posted a short while ago more information.  There 
is much more discussion of the inner workings of the discovery and Microsoft's 
response to this critical vulnerability.  Read it at 
blogs.technet.com/msrc/archive/2008/10/23/ms08-067-released.aspx





Updated #2


As reported earlier today, Microsoft released a critical update today for 
Windows Operating System.  The update addresses a vulnerability with RPC calls 
which can be referenced from SMB connections.  As most of you remember, worms 
such as Blaster and its kin were able to propagate through RPC/DCOM 
vulnerabilities and is in a very similar area of code.  Microsoft has detected 
limited, targeted attacks exploiting this flaw in the wild.  It is expected 
that with the release of the update, much more of the hacker community will 
become aware of how to exploit this and create a major worm outbreak or botnet 
activity.


On our initial reviewed of the information available from Microsoft, we believe 
that client computers need to be updated with all due haste.  Windows 2000, XP, 
and Server 2003 are listed as critical. Windows Vista and Server 2008 is only 
listed as important due to the additional security features with these newer 
operating systems.

More information is available at  
www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

Original Post: 2008-10-23 12:16:16 UTC

Microsoft has just released an advance notification of an out-of-band update to 
be released on 23rd of October.  They will hold a special webcast on the 23rd 
at 1:00 pm PT  to discuss the release.  The patch will be released at 10.00 am.

The information in the bulletin mentions a remote code exploit, but no further 
details are provided, however a restart will be required.

Microsoft rates the issue as critical for 2000/XP/2003 and important for 
vista/2008.

If we get more information we'll update this diary.

Mark

ps thanks to some very fast ISC supporters for letting us know.

Prev by Date: [security-alerts] FW: [SA32177] Opera Multiple Vulnerabilities
Next by Date: [security-alerts] FW: Out of band patch heads up
Previous by thread: [security-alerts] FW: [SA32177] Opera Multiple Vulnerabilities
Next by thread: [security-alerts] FW: Out of band patch heads up
Index(es):
- Date
- Thread