Microsoft Security Bulletin Advance Notification for October 2008

Discussion in 'other security issues & news' started by ronjor, Oct 9, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
    Microsoft
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
    Microsoft
     
  3. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Pretty rare for them to post such single update.

    Anyone having any clues as to what component exactly they are fixing in a hurry now?
     
  4. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,429
    Location:
    U.S.A.
    Although I did not receive a Windows Update Notification Tray yellow shield, went to Tools > Windows Update and there was a single update for my PC (WinXP SP2) which required restart.
    Vulnerability in Server Service Could Allow Remote Code Execution (958644)
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    McAfee also noted an early exploit last week:

    Spy-Agent.da
    http://vil.mcafeesecurity.com/vil/content/v_152898.htm

    You might wonder, since this was described as a zero-day exploit, if you would have been protected before the patch was issued, should you have encountered this exploit.

    One preventative measure would be the firewall:

    Microsoft Patches Vulnerability as Hackers Launch Attacks
    http://www.eweek.com/c/a/Security/Microsoft-Patches-Vulnerability-as-Hackers-Launch-Attacks/

    [the worm exploits ports 139, 445]

    Another preventative measure involves blocking the payload, the trojan executables. Any security product that prevents installing of unauthorized executable files would block this.


    ----
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.