0, But we already knew that going in Marc, thanks for the reminder tho, I am sure the stab wound is fresh right now... ( Just kidding)
Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -----Original Message----- From: Marc Maiffret [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 6:11 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned So how many of your anti-virus super security suites protect you from today's critical vulnerability? You should indeed drop everything and patch. As someone whom has been a part of a team that has found more of these types of vulnerabilities than most any other organization I can tell you this is extremely serious and being that there has not been a good remote SYSTEM in a while of this nature it is likely someone will want to write a worm for it simply for nostalgic sake. Also this is another example of a zeroday vulnerability being used in the wild. Just as I mentioned the other day on the Secunia anti-virus testing thread, zeroday attacks are on the rise in a big way and will continue. This exploit was being used against many Microsoft customers in the wild for some time now. The real number is completely unknown because against most of the security you all have in place would never detect this type of an attack. http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx http://www.nytimes.com/external/idg/2008/10/23/23idg-Microsoft-says.html http://www.theregister.co.uk/2008/10/23/emergency_windows_update/ --------- Marc Maiffret Director of Professional Services The DigiTrust Group, LLC. 5757 W. Century Blvd, Ste. 700 Los Angeles, CA 90045 p: 310.348.2901 f: 310.469.0103 e: [EMAIL PROTECTED] w: http://www.thedigitrustgroup.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
