MS Issues Emergency Patch: Don't Delay, Patch Today!

[ViRGE]

A critical flaw has been found that allows remote code execution, through a specifically crafted RPC request against the Server service (i.e. this is a SMB exploit). MS has issued an "out-of-band" patch to immediately fix this, as all versions of Windows are vulnerable.

Windows 5.xx: Completely Vulnerable/Critical (No authentication required)
Windows 6.xx: Partially Vulnerable/Important (The attacker would need appropriate authentication credentials)

Firewalls can block this, but only if they're configured to block SMB requests. This means that most computers in a LAN are vulnerable to each other, should an exploit be deployed in such a way that it can cross the network's firewall (i.e. delivered via infected laptops or an email-based worm).

This is currently being exploited in the wild

Patch today, before certain doom strikes us all! 😉

 

[mechBgon]

Critical Remote Code Execution Vulnerability, All Versions Of Windows

It's not Critical on Vista or WS2008 🙂 But yeah, Windows users should get patched.

Other suggestions for home users of Windows:

1) get your Windows Update engine upgraded to the Microsoft Update engine, at http://update.microsoft.com This gets you automatic updates for stuff like Office, Works, and other Microsoft software that didn't come with Windows itself.

2) review your rig using Secunia's free Personal Software Inspector to find & fix known exploitable vulnerabilities

3) if you have broadband, but don't already have a router to serve as a perimeter firewall, get one. And if you get a router that has wireless, lock down the wireless access using encryption and the MAC address filter, or turn it off if you don't need wireless yet.

 

[Billb2]

XP requires a reboot for this puppy.

 

[Brovane]

Damn the MS Support site is jammed.

 

[stash]

Originally posted by: Billb2
XP requires a reboot for this puppy.

Reboot is required on all affected systems.

 

[RebateMonger]

n.m.

 

[TonyRic]

I am shocked by this. LOL

 

[VinDSL]

Originally posted by: stash

Originally posted by: Billb2
XP requires a reboot for this puppy.

Reboot is required on all affected systems.

Um... Microsoft Security Bulletin MS08-067 ? Critical 😀

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows 2000 Service Pack 4:

Windows2000-kb958644-x86-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows XP Service Pack 2 and Windows XP Service Pack 3:

Windowsxp-kb958644-x86-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2:

WindowsServer2003.WindowsXP-kb958644-x64-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported 32-bit editions of Windows Vista:

Windows6.0-KB958644-x86 /quiet /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported x64-based editions of Windows Vista:

Windows6.0-KB958644-x64 /quiet /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported 32-bit editions of Windows Server 2003:

Windowsserver2003-kb958644-x86-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported x64-based editions of Windows Server 2003:

Windowsserver2003.WindowsXP-KB958644-x64-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported Itanium-based editions of Windows Server 2003:

Windowsserver2003-KB958644-ia64-enu /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported 32-bit editions of Windows Server 2008:

Windows6.0-KB958644-x86 /quiet /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported x64-based editions of Windows Server 2008:

Windows6.0-KB958644-x64 /quiet /norestart

To install the security update without forcing the system to restart, use the following command at a command prompt for all supported Itanium-based editions of Windows Server 2008:

Windows6.0-KB958644-ia64 /quiet /norestart

 

[Blazer]

thats weird, didnt show up as needed on my end.

 

[RebateMonger]

Originally posted by: blazer
thats weird, didnt show up as needed on my end.

After I re-ran Windows Updates it showed up on my personal SBS Server. Similarly, it showed up on my Vista box after re-running the Windows Update scan. Haven't looked at my personal XP machine yet.

 

[WobbleWobble]

To quote Websense, "The out-of-band patch release by Microsoft testifies to the severity of this vulnerability and the urgency for an immediate fix."

VinDSL, if you read a little further..

Restart required? Yes, you must restart your system after you apply this security update.
HotPatching - This security update does not support HotPatching.

My understanding is that you can install the patch without restarting the server but you're still vulnerable until you restart.

 

[VinDSL]

Originally posted by: WobbleWobble
VinDSL, if you read a little further..

Restart required? Yes, you must restart your system after you apply this security update.
HotPatching - This security update does not support HotPatching.

My understanding is that you can install the patch without restarting the server but you're still vulnerable until you restart.

~Cool

Let's test the theory... 😀

 

[bsobel]

Originally posted by: VinDSL

Originally posted by: WobbleWobble
VinDSL, if you read a little further..

Restart required? Yes, you must restart your system after you apply this security update.
HotPatching - This security update does not support HotPatching.

My understanding is that you can install the patch without restarting the server but you're still vulnerable until you restart.

~Cool

Let's test the theory... 😀

If you check the pending move file operations after the install, you should see the files waiting to be moved at the reboot. http://technet.microsoft.com/e...nternals/bb897556.aspx

 

[stash]

The norestart switch is just there so you can postpone the restart. A restart is still required for the update to actually take effect, and should be done as quickly as possible after updating. A system that has been patched but not rebooted (for patches that require reboots, like this one) is in an inconsistent and unsupported state.

 

[Blazer]

whats the KB # for that update ?

 

[Genx87]

958644

 

[Blazer]

thanks, manual downloaded