Microsoft announced this morning that an emergency patch for a major security vulnerability will be released in early November. The vulnerability article, entitled “Vulnerability in Server Service Could Allow Remote Code Execution” is listed as “Microsoft Security Bulletin MS08-067 – Critical“. The patch will be delivered during a non-routine cycle, which indicates the seriousness of the vulnerability.
The vulnerability is a remote exploit through the Windows Server service, and is such that a worm similar to the “Blaster” worm a few years back could theoretically exploit it, meaning a computer could become infected through no fault or interaction of the user. The patch is slated for Windows XP, Server 2003, and Windows 2000. There will be a version for Vista and Server 2008 as well, although those operating systems are less vulnerable to the exploit.
Articles RSS