Out of Cycle Windows Update – Patch Today



Yesterday news broke of an out of cycle security patch for Windows. The bulletin is available from Microsoft. Apparently the vulnerability was in the Windows Server service (XP, 2003, 2000, 2008, Vista ALL affected though regardless of server/workstation/client/desktop/etc…). The RPC handling (remote procedure call) is the achilles heel this time around. It sounds as though as many as 100 instances of this flaw being exploited had been seen in the wild, but use was increasing which prompted the out of cycle release. This is the kind of vulnerability that could be exploited by a worm that could give rise to a worm reminiscent of the Blaster Worm. (Worms are self-replicating viruses that spread over networks without user intervention.)

Related Posts

Blog Traffic Exchange Related Posts
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
  • Microsoft's priorities... I didn't really think of this in context, but George Ou points out that Microsoft issued an "out of cycle" patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of......
  • VMware Server OK - just fresh off solving the reason I couldn't get vmplayer to start on my 1Ghz AMD 64 1GB of memory machine.... I started looking at vmserver. (RC1). Now, vmplayer is a free download (so is vmware server). I'm really liking what I see from vmware server and am......
Blog Traffic Exchange Related Websites
  • Security News: US report blasts China, Russia for cybercrime; Duqu Malware: Still No Patch; MIT server hijacked in drive-by download campaign US report blasts China, Russia for cybercrime By LOLITA C. BALDOR, Associated Press – 4 hours ago WASHINGTON (AP) — Cyberattacks by Chinese and Russian intelligence services, as well corporate hackers in those countries, have swallowed up large amounts of high-tech American research and development data, and that stolen information......
  • Information Security Definitions - Zero Day Attack (0 Zero Attack) A zero-day attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses. Zero-day exploits are released before the vendor patch is released to the public. Zero-day exploits generally......
  • Gmail Exploit May Lead to Domain Hijacking Hii all Gmail users/lovers, A Gmail security vulnerability may allow an attacker to set up filters on users' e-mail accounts without their knowledge, according to a proof of concept posted Sunday at GeekCondition.com. In his post, Brandon writes that the vulnerability has caused some people to lose their domain names......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site