Welcome to PChuck's Network News.

Sunday, August 13, 2006

August 2006 Patch Tuesday Report

Last week, Microsoft issued 12 security patches, 9 which they rated as Critical (Patch ASAP), and 3 Important (Patch As Soon As Convenient). ISC / SANS rated those patches, for computers used as network clients, as 2 Extra Critical (PATCH NOW), 8 Critical, and 2 Important.

One of those patches, MS06-040 (KB921883), fixes a vulnerability in the Server service (remember that almost all Windows computers will run the Server service, even though they may not be dedicated servers).

Today, ISC SANS issued MS06-040: BOLO -- Be On the LookOut (NEW), stating that

Over the weekend there was a botnet doing fairly wide scale scanning for hosts affected by the vulnerabilities in the MS06-040 advisory. While technically a botnet, it was spreading in a worm like fashion.

MS06-040 is one of the two patches that were rated as PATCH NOW by ISC SANS. Among the advice given:
  • If you have not done so yet:
    • Roll out the MS06-040 patches ASAP.
    • Do not forget to reboot those machines after patching!

MS06-040 has passed from vulnerability, to Proof Of Concept exploit, and to active exploit in progress. This is a serious situation, as documented by US CERT. Patch Now, please.

For convenient immediate downloads, I offer direct links here. Or you can use Windows Update, or Automatic Update.
  • Take a system checkpoint first.
  • Verify your Operating System name and service pack level:
    • My Computer
    • Properties
  • Download the most urgent patches, properly chosen for your operating system and service pack level, to an organised folder on your disk.
  • Run each update, from the folder, using Windows Explorer.

Ongoing Stories.

No comments: