Patches Released for Critical Security Issues for Microsoft Windows

Hopefully you are not using a friends computer to read this report. Microsoft has just issued a patch marked as ‘Critical’ which applies to Windows 2000, XP, and Server 2003 – and another patch marked ‘Important’ for Windows Vista and Serer 2008.

The critical vulnerability, according to Microsoft, is caused by the operating system’s improper handling of specifically crafted remote procedure call (RPC) requests. The problem is already being exploited in the wild and can allow attackers to gain full control of a computer. Microsoft also added that the windows firewall can be used to block such an attack.

Quoting a Microsoft security bulletin:

It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.”

On older Windows operating systems, 2000, XP, and Server 2003, attackers can gain access to networks as anonymous users. They would still be able to access networks using the Vista and Server 2008 exploits, but they need to be an authenticated user.

Microsoft claims that it had discovered the flaw itself, rather than through a security firm or by monitoring ‘chatter’ on hacker websites. Microsoft normally issues Windows updates on the second Tuesday of each month – these patches have been released ahead of regular schedule due to high importance of course. These kind of updates are referred to as ‘out-of-band’ releases.

More information regarding these security issues can be found on the United States Computer Emergency Readiness Team (US-CERT) under Technical Cyber Security Alert TA08-297A and SA08-297A.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
11 comments
    Your comment
  • jhansonxi
    These two statements seem conflicting:
    "Microsoft claims that it had discovered the flaw itself, rather than through a security firm or by monitoring ‘chatter’ on hacker websites."

    "The problem is already being exploited in the wild and can allow attackers to gain full control of a computer."

    So Microsoft "discovers" a flaw all by itself and releases a surprise patch while there are "exploits in the wild". Do the exploiters work on the Windows developer team or did they get advanced info through MSDN?

    "Microsoft also added that the windows firewall CAN be used to block such an attack."
    In other words it doesn't have any effect on the exploit by default.
    -1
  • HaZ
    jhansonxiThese two statements seem conflicting:"Microsoft claims that it had discovered the flaw itself, rather than through a security firm or by monitoring ‘chatter’ on hacker websites.""The problem is already being exploited in the wild and can allow attackers to gain full control of a computer."So Microsoft "discovers" a flaw all by itself and releases a surprise patch while there are "exploits in the wild". Do the exploiters work on the Windows developer team or did they get advanced info through MSDN?"Microsoft also added that the windows firewall CAN be used to block such an attack."In other words it doesn't have any effect on the exploit by default.


    Pretty Naive response - just because one person finds something, doesn't mean nobody else is allowed to find the same thing.

    It could be that Microsoft discovered it, then also discovered that it was already being exploited. Maybe not exploited on a grand scale yet though.

    And yes Captain obvious, the firewall is no good by default, but who DIDN'T know this already?
    3
  • one-shot
    I was actually told about this a few days ago. A friend's aunt, who is a programmer said that some attacks are going to come in the next few weeks. Then I read this article, Sounds real, but my pc is updated and anti virus is good so I should be alright.
    -1