Discussion in 'other security issues & news' started by ronjor, Oct 9, 2008.
Pretty rare for them to post such single update.
Anyone having any clues as to what component exactly they are fixing in a hurry now?
Although I did not receive a Windows Update Notification Tray yellow shield, went to Tools > Windows Update and there was a single update for my PC (WinXP SP2) which required restart.
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Windows RPC hole being exploited already
McAfee also noted an early exploit last week:
You might wonder, since this was described as a zero-day exploit, if you would have been protected before the patch was issued, should you have encountered this exploit.
One preventative measure would be the firewall:
Microsoft Patches Vulnerability as Hackers Launch Attacks
[the worm exploits ports 139, 445]
Another preventative measure involves blocking the payload, the trojan executables. Any security product that prevents installing of unauthorized executable files would block this.