| Cliffnotes: Do your Windowsupdate.com patches now (all versions: 2000, XP, Vista and all Server products) I know we have a high percentage of IT people on this board and most of you are using a computer to read this so you should be aware. Microsoft very rarely breaks from their patch cycle to release an update unless it's very serious and this one is. Much like the Blaster/Sasser worms some years back that ravaged unpatched systems, this hole is gaping especially if you have Windows File Sharing enabled. This exploit can be made into a worm which uses a service installed by default on nearly every windows system. That and it doesn't require user interaction to exploit. It's near perfect worm-bait. While not all of you will be immediately at risk, it's still a good (no, great) idea for you to update your systems via Automatic Updates, Windowsupdate.com or the direct download below: OS Specific downloads for all Windows versions (if you can't run Windowsupdates):
[ http://www.microsoft.com/downloads/results.aspx?pocId=&freetext=KB958644&DisplayLang=en ] Further reading:
Washington Post Article in layman's terms:
[ http://voices.washingtonpost.com/securityfix/2008/10/microsoft_to_issue_emergency_s_1.html ] Microsoft's Press Release on the exploit:
[ http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx ] National Cyber Alert System description:
[ http://www.us-cert.gov/cas/techalerts/TA08-297A.html ]
 
Avoid Z1 Motorsports - Hacked TT.net deleting years of proof about service nightmares, employee misconduct and lies about parts. Use trusted vendors instead!
Avoid AMS Products - Killing Z32 product innovation, one quickly copied, questionable Chinese part at a time.
SoCalZCrew.com - On a more positive note, come find out how we do it in the West!
|
