Full Disclosure mailing list archives

Time to patch Windows boxes with MS08-067

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Fri, 24 Oct 2008 00:12:21 +0300 (EEST)

The out-of-the cycle update from Microsoft is MS08-067 - Vulnerability in Server Service Could Allow Remote Code 
Execution:

http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

Recommended workarounds:
-Disable the Server and Computer Browser services
-Block TCP ports 139 and 445 at the firewall

As reported in Tuesday's advance notification all major Windows versions are affected, the bulletin rates Vista update 
as Important.

Microsoft has updated their AV products to protect against this RPC issue too.

Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 23)
- Re: Time to patch Windows boxes with MS08-067 James Matthews (Oct 23)
- <Possible follow-ups>
- Re: Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 23)
- Re: Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 24)
  - Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
    - Re: Time to patch Windows boxes with MS08-067 Erik Harrison (Oct 24)
    - Re: Time to patch Windows boxes with MS08-067 Valdis . Kletnieks (Oct 24)
    - Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
    - Re: Time to patch Windows boxes with MS08-067 Valdis . Kletnieks (Oct 24)
    - Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
    - Message not available
    - RE : Time to patch Windows boxes with MS08-067 waveroad waveroad (Oct 24)

(Thread continues...)