Microsoft has released a new security update outside of common update cycle for Microsoft Windows operating systems. Fixed vulnerability is related to RPC message handling in server component. Vulnerability affects to systems which have file-sharing enabled. The file-sharing has not been activated by default in Windows XP SP2 and newer Windows versions.
Vulnerability can be used directly over network and it allows an attacker to execute arbitrary code in target system with full privileges.
Microsoft rates the vulnerability critical in all supported Windows operating systems excluding Windows Vista and Server 2008. In those two the vulnerability has been rated important. Public exploitation method against the vulnerability exists already.
The vulnerability will be very likely exploited in attacks and malicious programs. It is possible that this vulnerability could be used in the crafting of a wormable exploit.
Security update can be downloaded with Windows updating tool. The easiest way to install the update is Windows Update service.
The vulnerability can be also limited by disabling server service or by filtering network traffic into ports 139 and 445 by using either 3rd party or internal firewall. In Vista and Server 2008 it's also possible to filter the affected RPC identifier.
More details can be read from Microsoft Security Bulletin MS08-067.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment