According to the SDL blog, this is why this particular issue is not easy to discover, especially using automated analysis: http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx
Cheers Ken > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Monday, 27 October 2008 12:45 AM > To: NT System Admin Issues > Subject: RE: Out of Cycle Critical Windows Patch ? > > Yeah someone lit a fire under MSFT arse and they got with the program on > this one, but only after they detected systems getting exploited in the > wild. Why they didn't determine this flaw back when they patched 06-040 > for the same type of issue we probably will never know... > > Z > > Edward E. Ziots > Network Engineer > Lifespan Organization > MCSE,MCSA,MCP,Security+,Network+,CCA > Phone: 401-639-3505 > > -----Original Message----- > From: Kurt Buff [mailto:[EMAIL PROTECTED] > Sent: Friday, October 24, 2008 8:08 PM > To: NT System Admin Issues > Subject: Re: Out of Cycle Critical Windows Patch ? > > Taking this in a slightly different direction... > > I told the IT Director and COO yesterday that I was patching all > servers, and sending an email to all of the laptop users to do the > same. > > They were a bit skeptical, but not only did the emails that I > forwarded them from various lists buttress my opinion, this morning I > got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist > of the message - MSFT is taking this extremely seriously, and you > should patch now. > > Director's comments was "nice job, good of you to jump on this." > > Anyone else get a call like this from MSFT? It's the first time I've > heard of them doing this, and I take it as a really good sign - MSFT > is finally getting the real clue about this stuff. > > Kurt > > On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall > <[EMAIL PROTECTED]> wrote: > > Chaps, > > > > The update that was sent out last night, has that caused any issues > > elsewhere? We've had a spate of calls from users about problems today, > > several servers which were set to auto-update for various reasons have > > had varying levels of failure. It's mentally busy here for a Friday, > and > > the one thing they have in common is that all the machine rebooted for > > an update last night. > > > > Is it just us ? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
