"Quoting the KB Article" An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets.
The unauthenticated remote code execution=worm (weaponized exploit) plus Microsoft’s view that an exploit would be likely in the next 30 days, defintely raises the risk profile enough ( in the absence of any other compensating controls) to warrant a Critical Priority for testing and deployment. Especially even though there is not a POC for MS11-020 there is POC for MS11-019 which is also another Unauthenticated Remote Code Execution. Couple these together, with an existing worm ( Conficker, et al) and you have an formula for mass exploitation. Happy patching. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 -----Original Message----- From: Kurt Buff [mailto:[email protected]] Sent: Sunday, April 17, 2011 5:06 PM To: NT System Admin Issues Subject: Epsilon breach begins to stink much worse... The criminals know what prescription drugs the breach victims (end-users) take: http://www.cauce.org/2011/04/epsilon-breach-criminals-now-know-what-prescriptions-you-take.html ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
