[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Sign-in] [Mail] [Setup] [Help]
Status: Not Logged In; Sign In
|
Science/Tech See other Science/Tech Articles Title: Homeland Security: Apply MS06-040 Patch Homeland Security: Apply MS06-040 Patch August 9, 2006 By Ryan Naraine Less than 24 hours after Microsoft shipped security fixes for 23 serious software vulnerabilities, the U.S. government's Department of Homeland Security issued a firm notice to Windows users: immediately apply the patches in the MS06-040 bulletin. In a somewhat unusual move, the DHS warned that the patches cover a remote code execution vulnerability that could be used in a network worm attack similar to Blaster, Slammer of Sasser. "Windows users are encouraged to avoid delay in applying this security patch. Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch," the agency said in an public advisory. The department warned that a successful attack could be launched remotely to take control of an affected system and install programs, view, change or delete data, and create new accounts with full user rights. Read more here about Microsoft's efforts to patch a vulnerability. "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users," the DHS added. The DHS recommended that home users opt for Microsoft's Windows Update to automatically download and apply all the appropriate security fixes. The MS06-040 bulletin addresses a buffer overflow in Server Service, which is used to provide RPC (remote procedure call) support, file print support and named pipe sharing over a network. Because the flaw presents a remote, unauthenticated attack vector, an anonymous attacker could send specially rigged network packets over the Internet to launch malicious code on vulnerable systems. To read more about the Sasser worm, click here. A worm attack exploiting this bug would affect unpatched versions of Windows 2000, Windows XP (SP1 and SP2) and Windows Server 2003 (SP1 inclusive). The use of the built-in Internet Connection Firewall in Windows XP and Windows Server 2003 would help block network-based attempts to exploit the vulnerability. Microsoft also recommends that TCP ports 139 and 445 be blocked at the firewall. The US-CERT (U.S. Computer Emergency Readiness Team) has already warned that the flaw has been used in active attacks, even before Microsoft released the patch. Immunity, a Miami-based security company that sells penetrating testing tools, on Aug. 9 released proof-of-concept exploits for MS06-040 to customers in its Partner Program. Check out http://eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at http://eWEEK.com Security Center Editor Larry Seltzer's Weblog. Copyright (c) 2006 Ziff Davis Media Inc. All Rights Reserved.
Post Comment Private Reply Ignore Thread Top • Page Up • Full Thread • Page Down • Bottom/Latest Begin Trace Mode for Comment # 6.
#6. To: Red Jones (#0)
Well MS again pokes their customers in the eye. Not only do they write bug prone software but then they have the nerve to require you to use their "update" that calls home to make sure you have a legitamte copy of XP. If you turn this update off by not letting it call home then the Windows update site will no longer work for you. I have had it with MS!!! I am installing Linux ASAP.
There are no replies to Comment # 6. End Trace Mode for Comment # 6.
Top • Page Up • Full Thread • Page Down • Bottom/Latest |
||
|
[Home]
[Headlines]
[Latest Articles]
[Latest Comments]
[Post]
[Sign-in]
[Mail]
[Setup]
[Help]
|
||