This information may be useful to some of you.

Microsoft Releases Emergency Security Patch (NewsFactor)
Published Thu, 23 Oct 2008 20:48:43 GMT
Yahoo! News

NewsFactor - Microsoft announced Wednesday night that it is issuing an emergency security patch Thursday, 19 days before the next regularly scheduled Patch Tuesday on Nov. 11. It's the first time in more than a year that Microsoft has issued a so-called "out-of-band" patch.

News of the patch first appeared in a brief blog posting by MSRC security program manager Christopher Budd, who wrote that "I wanted to let you know that we've just posted an advance notification for an out-of-band bulletin release. We plan to release one Windows security bulletin with a maximum severity of critical; scheduled for a target time of 10:00 a.m. PT on Thursday Oct. 23, 2008. A restart will be required."

Microsoft was hosting a special Webcast Thursday afternoon to discuss the threat in detail.

'Wormable' Flaw

The patch is intended to prevent hostile code from executing specifically constructed remote procedure calls on vulnerable systems. It is described as critical for every flavor of Windows from XP forward.

So far, there are relatively few details about how the security hole might be exploited, and no indication that it has been. Preliminary reports, however, have described it as a "wormable" flaw -- i.e., a software weakness that could be exploited without any action on the part of the user.

Some preliminary information about the nature of the threat was contained in an updated Microsoft Security Bulletin Summary for October 2008.
Under the dry heading of Vulnerability in Server Service Could Allow Remote Code Execution, Microsoft says that "consistent exploit code has been discovered in limited, targeted attacks, affecting Windows XP and Windows Server 2003."

The summary linked to the more specific Microsoft Security Bulletin MS08-067-Critical, which states that "On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit."

Firewall Protection

Microsoft notes that default installations of Windows Vista and Windows Server 2008 require authentication as part of the user access control. Microsoft says the authentication protection is available even if UAC is turned off, and additional safeguards are built into the operating systems.

In addition, Microsoft said, "Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter."

Nonetheless, Microsoft lists the Exploitability Index Assessment of the threat as "1-Consistent exploit code likely." It is the highest threat level assessed by Microsoft for this type of issue. As the threat assessment suggests, it represents the type of flaw that would allow "exploit code to be created in such a way that an attacker could consistently exploit that vulnerability."
