Microsoft has recently released an emergency patch for Security Bulletin MS08-067 which outlines a vector that leaves NT-derived operating systems vulnerable to attack.
Published on Thursday, MS08-067 outlines a flaw in the Windows Server service which would allow malformed RPC requests to execute remote code without notice. Under the terms of the bulletin, Microsoft describes that computers with WAN-facing ports are particularly susceptible. As such, the deeply-entrenched Windows XP is likely to bear the brunt of future attacks.
Microsoft’s decision to release a patch off of its monthly schedule, a move undertaken only four prior times, demonstrates the severity of the flaw. While the vector has not yet been broadly exploited, the newly-discovered Gimmiv.A trojan demonstrates its potential for abuse.
Users of Windows 2000, Windows XP, Windows Vista and their derivatives are advised to immediately download the security update for their respective operating system. The operating systems in the bulletin’s affected software table link directly to the relevant fix. Additionally, users with the Windows automatic update service enabled have already begun to receive the appropriate patch.
Articles RSS