Major new Microsoft vulnerability

[Garion]

Snagged from SANS. Might be old (slightly) news to some, but everyone should pay attention to this one.

The first story below describes a critical Microsoft vulnerability
(MS03-026) that affects Windows NT, Windows 2000, Windows 2003 Server, and Windows XP. A worm using this vulnerability would find more than ten times as many potential victims as Code Red. If an efficient worm is launched, so many infected systems will be searching for victims that you will not be able to download the patches before being infected. Do
*not* rely entirely on blocking traffic to port 135 as a defense. Install the patches. If you needed a reason to launch a sweeping vulnerability elimination program on all Windows systems -- including the home computers from which your users connect to your corporate systems -- this is it.

Here's the official Microsoft bug page

In short - Time to patch up, folks!

- G

 

[Thor86]

Nice post Garion, I'd also suggest any NT admins to subscribe to the security bulletins from MS if you haven't done so already.

I got the email bulletin on this the day of, and had tested all my internal servers that afternoon, and rolled out the patch(es) on our production servers the next night.

 

[mboy]

SANS, who's that?

JUST KIDDING, I was at SANS fire in D.C. last week and let me tell u that that place is FULL of brilliant mofo's for sure!!!!