Thursday, October 23, 2008

F8r, for reals!

I only send emails about Windows security warnings to the people I really like . .

Microsoft has issued a rare immediate patch to address flaws within Windows XP. The technical information can be found in the notes below, but I won't try to explain them to you. If you do NOT see a Windows Update icon appear in the lower right corner of your computer today, October 23, immediately go to and run the patches marked as urgent.

This patch will require you to reboot. If you shut down your computer today and it asks to install patches, please do so.

No foolin'. Bill Gates will NOT be sending you $10,000.

-----Original Message-----

Sent: Thursday, October 23, 2008 3:35 PM
To: Windows Administrators
Subject: Re: Microsoft Security Bulletin MS08-067 - Critical

Details about this out of band patch are very sparse. Some very useful information is being reported by SANS. See the SANS diary entry for details:

The Sans diary also has a link to a Microsoft blog by Christopher Budd with a very readable version of the story.

The folks at SANS wonder if the hacker community will write a worm that uses this RPC vulnerability in the same manner as the infamous blaster/nachia worms.

It is hard to know if a hacker will be motivated to write a modern version of blaster. It would be best to patch your systems and avoid the issue entirely.

>At 01:13 PM 10/23/2008, wrote:
>Windows Admins:
>Microsoft has issued an "out-of-band" critical patch for Windows 2000, Windows XP, >and Windows Server 2003 (it is tagged "important" on Vista and Server 2008). This >patch relates to "remote code execution". See the following for more info:
>In general, when Microsoft releases patches immediately (not waiting for the >monthly updates) it means this critical vulnerability should be patched ASAP as the >exploit is available on the internet. You would be strongly advised to patch your >systems.


iamcoyote said...

Fer really reals? Aw, shit. 'Kay. Thanks, idio.

Anjha said...

All updated and sent en email to myself and my workmates at work so that we get updated there too.

Thanks Id.

Seven of Six said...

Thanks Id. Did the deed? Rather easy and painless. Proud of myself that I was able to figure out which version I was using.

idiosynchronic said...

Y'all are welcome. And thank you for not allowing yourself to spread the digital crabs. :)