Several years ago there was an RPC/DCOM exploit that is similar. If your system is connected to a network, and an exploited system can see it, you can be invited to join the party and help spread the pain.
It took out an enterprise in clean up for 2-3 immediately days. On Thu, Oct 23, 2008 at 1:59 PM, Sam Cayze <[EMAIL PROTECTED]> wrote: > AND WINDOWS 7!?!?!? WTF?! I finally just fired up my RSS reader today. > Emergency Patch is the title of every post. > > > > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 3:56 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Yes this one Offically SUCKS:) > > This is about as bad as the DNS vulnerability, at least that one was > responsible disclosure.. > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Sam Cayze [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 4:52 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Yikes, this even affects Win 2008 CORE?!?! > > Thanks for the info on deadlines :) > > Sam > > > > -----Original Message----- > From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:59 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > It also overcomes the issue of any users that may have admin privileges. > Without a Deadline set, they can continue to select install later when > prompted that updates are available. > Of course none of us EVER let anyone on our networks run with admin > rights. ;-) TVK > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:55 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > I set that on my template in Shavlik, if you don't reboot its going to > force reboot you and u don't have a choice, nor can they kill the > service, either. > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Sam Cayze [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 3:45 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Soo... What's this whole 'Deadline' thing in WSUS, is this one of those > times to use it? Does it overide users prograstinating about > installs/reboots? > > No biggie, I can google it too, but it you have thoughts to share, it > would be nice. > > S > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:12 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > LOL this whole scenario is wrong: () Git-Er-Done and lets get patchin :) > > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Phil Thompson [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 3:09 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > My mistake.. I like your saying, I'll have to use that some time. > > > -----Original Message----- > From: Carl Houseman [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 3:07 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > I can click on "Windows XP Service Pack 3" in that bulletin and I am > taken to a download page for the update. > Same for WS03 SP2. > > Please don't insist on being wrong. > > Carl > > -----Original Message----- > From: Phil Thompson [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:43 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx > > > > Phil > -----Original Message----- > From: Carl Houseman [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:33 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Q: How did you come to that conclusion? > > A: You're looking at the "bulletins replaced by" column. > > Reading is fundamental.. > > -----Original Message----- > From: Phil Thompson [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 2:27 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Must not affect W03 sp2 or XP sp3, there's no update for them.. > > Phil > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 1:58 PM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch to be released today, > stay tuned > > Its out and its NASTY// > > MS08-067, publically being exploited right now, unauthenticted remote > code execution against the server service, smells like a network worm > with mass exploitation vulnerabilities to me. > > Happy patch Thrusday, just hope you don't get hacked by Friday... > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
