Not seeing too many reported issues 06-040 at this time.
Are seeing issues with the typical customized web apps with
http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx the IE
one.. and so far hearing reports of issues with web/Peoplesoft on
Windows 2000 and XP sp1.
As a reminder:
Windows XP SP1 and SP1a support ends on October 10, 2006:
http://support.microsoft.com/gp/lifean19
Michael Miller wrote:
Maybe you wouldn't exactly call it a utility tool, but WSUS can
generate reports with all kinds of info regarding the status of
patches for all machines in the domain.
It's free and has minimal hardware requirements. You can service all
your machines via a GPO and, if you're the cautious type, wait for the
bleeding edge people to report back before approving certain updates
for your client machines.
-mjm
_________________________________________________________________
Alex Alborzfard wrote:
What about MS06-040? I've heard it's a nasty one like blaster.
DHS has already issued a recommendation to apply this patch.
I remember using a utility tool that would list all applied patches on a
Windows box with all kind of information.
Anyone has ever used or knows anything about it?
Alex
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Tuesday, August 08, 2006 1:55 PM
To: [email protected]
Subject: [ActiveDir] Microsoft Security Bulletin MS06-041 Vulnerability
in DNS Resolution Could Allow Remote Code Execution
One of 12 today...but since it's DNS related
Microsoft Security Bulletin MS06-041 Vulnerability in DNS Resolution
Could Allow Remote Code Execution (920683):
http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx
For an attack to be successful the attacker would either have to be on a
subnet between the host and the DNS server or force the target host
to make a DNS request to receive a specially crafted record response
from an attacking server.
(and Brett...just a FYI... in my twig forest... any attacker that
ends up on a subnet between a host and my DNS server [aka the Kitchen
sink service server] ... that attacker is dead meat and has a 2x4
aimed his way... one advantage of being little)
Your patch folks may be calling up you AD guys for testing passes.
Workarounds:
*Block DNS related records at network gateways*
Blocking the following DNS record types at network gateways will help
protect the affected system from attempts to exploit this vulnerability.
*
ATMA
*
TXT
*
X25
*
HINFO
*
ISDN DNS
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will
hunt you down...
http://blogs.technet.com/sbs
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
