• main
  • reviews
  • articles
  • authors
  • books
  • about
    • high contrast
    • default

BOOK REVIEWS / EDITORIALS

FEATURING...

ARTICLE ARCHIVES

Latest Articles

] Spirits in the World Trade Center Lights ...
17 March 10

Health-care 'trickery' called overthrow of Constitution
17 March 10

YOUR PAPERS, PLEASE ...U.S. congressman slams 'Big Brother' questions on census
17 March 10

World's Shortest Man, He Pingping, Dies
17 March 10

10th Amendment Lives! A 5th state has decided that guns made, sold and used within its borders no longer are subject to the whims of the Bureau of Alcohol, Tobacco and Firearms
17 March 10

Aborting Healthcare Reform
17 March 10

The Real Health Care Debate: Who Decides?
17 March 10

Beck: Slaughtering the Constitution plus . . .
17 March 10

Project to get transplant organs from ER patients raises ethics questions
17 March 10

Specter Opens Door on White House Felonies
17 March 10

Motorist Has Near Collision With Bigfoot In Pennsylvania
17 March 10

Diego Garcia bunker-busters meant to threaten Iran
17 March 10

Morris: OBAMA'S PLAN TO CRIPPLE EDUCATION REFORMS
16 March 10

AIPAC of Raving Lunatics
16 March 10

AIPAC of Raving Lunatics
16 March 10

HANDS OFF MY HEALTH CARE...DANGER OF GOV/RUN SYSTEM--update to 03/17/10
16 March 10

LAST FATIMA PROPHECY FULFILLED
16 March 10

New Bill Allows U.S.Citizen Dissenters To Be Detained As "Enemy Belligerents"?
16 March 10

Liberalism Truly is a Mental Disorder
16 March 10

Could this ad be Reid's downfall?
16 March 10

Categories
[show / hide]
  • 9/11
  • Advanced Weaponry
  • Afghanistan
  • Aliens
  • Banking/Financial
  • Bartley, James
  • Big Brother
  • Bizzarre
  • Black Ops
  • Casbolt, James
  • Celebrity
  • Censorship
  • Chemtrails
  • Commentaries
  • Conspiracy
  • Constitution/Law
  • Corporate Business
  • corruption/politicians
  • Covert
  • criminal
  • Crop Circles
  • cults
  • CZARS (us)
  • Despots
  • Disinformation
  • Drugs/Pharma
  • Election 2008
  • Environment
  • Esoteric/Paranormal
  • Eugenics
  • Evil-Totally
  • Federal Reserve
  • Foreign governments
  • Genetic Crops
  • Government
  • Government Screwups
  • Health/health care
  • Homeland Security
  • Illegal aliens
  • Illuminati
  • Immigration
  • Internet
  • Iran
  • Iraq
  • Islam
  • Israel
  • Legislation
  • Legislators
  • Mars
  • media
  • Media/Disinformation
  • medicine
  • Metaphysical
  • Microchipping
  • Middle East
  • MIL-INTELL Complex
  • Mind Control
  • New World Order
  • Obama
  • occult
  • Oil Crisis
  • Paranormal
  • Patriotism
  • People Power
  • Police state/crime
  • Politics
  • Power elite
  • Religion/Spirituality
  • Science/Technology
  • Secret Societies
  • Sex Slaves/Perversion
  • Social Engineering
  • Socialism 101
  • Socialists/communism
  • Space
  • Spin City
  • Spying
  • States' Rights/govn't.
  • Taxing/spending
  • TOTAL CONTROL
  • UFOS
  • Uncategorized
  • United Nations
  • War on Terror
  • World News
« older article         newer article »

Microsoft posts emergency defense for new attack [NEWS UPDATE]

Table of contents
INTRODUCTION: News update responds to threat of Web worm
PATCH WATCH: Microsoft posts emergency defense for new attack		   
      
 
   
INTRODUCTION

News update responds to threat of Web worm

By Brian Livingston

We're publishing a special news update today to bring you a bulletin on a serious weakness in Windows.

Susan Bradley, our contributing editor who covers Microsoft patches, has written an up-to-the-minute description of the latest situation, which potentially affects every recent version of Windows.

I also might publish a special newsletter on Oct. 30. Windows Secrets wouldn't ordinarily post new content on that date, because we usually skip any 5th Thursday of the month. In the coming days, however, there may be enough detail about the latest flavor of Internet threats to warrant a special report.

News updates like the one today have no paid content. The same version is e-mailed to all subscribers, first to our paying supporters and then to our free subscribers.

Susan and I believe that the threat is serious enough for every Windows user to install the new MS patch without hesitation. This is the first time in 1½ years that Microsoft has released an emergency fix outside of its monthly Patch Tuesday cycle. See Susan's article for specific download links. We'll bring you more information as soon as we have it. Stay tuned.

Brian Livingston is editorial director of WindowsSecrets.com and co-author of Windows Vista Secrets and 10 other books.Table of contents		   
 
   
PATCH WATCH

Microsoft posts emergency defense for new attack
By Susan Bradley

A remote-code exploit that could spread rapidly like the 2003 MSBlaster worm is putting all versions of Windows at risk.

I recommend that you immediately install a patch that Microsoft has just issued to protect your system from a vulnerability in the Server service.

MS08-067 (958644)
Rare out-of-cycle patch emphasizes the risk

With little warning, Microsoft released yesterday an unscheduled or "out-of-cycle" patch for a highly critical vulnerability that affects all versions of Windows. Security bulletin MS08-067 (patch 958644) was posted to warn of a remote-code attack that could spread wildly across the Internet.

Microsoft says it found evidence two weeks ago of an RPC (remote procedure call) attack that can potentially infect Windows machines across the Net with no user action required.

Windows Server 2003, 2000, and XP (even with Service Pack 2 or 3 installed) are particularly vulnerable. Vista and Server 2008 gain some protection via User Account Control, data-execution protection, and other safeguards, as explained in an article by Dan Goodin in the Register.

While firewalls are a first line of defense against this attack, don't think you're secure just because you have a firewall. Malware and viruses use many different techniques to wiggle their way into our systems.

For example, my office's networks are protected by firewalls on the outside, but inside the network, PCs have file and printer sharing enabled. If a worm got loose inside the office network (and the patch hadn't been installed), the attack would spread like wildfire.

Many antivirus vendors have already issued definition updates that protect against this attack. Your antivirus program, however, may not protect you completely even if your AV definitions are up-to-date. Early reports indicate that there are already nine different strains of viruses trying to take advantage of this vulnerability. We can expect more to come, so even the best AV application may not be able to update fast enough.

I've tested this patch and have had no problems applying it. I strongly urge you to download and install this patch manually. Restart your PC before installing any patch to verify that your machine is bootable. Then be sure to reboot again after installing the patch, so the patched binaries completely replace the vulnerable components.

Microsoft has posted several versions of the patch that apply to different operating systems:

• Windows 2000 with Service Pack 4 patch download
• Windows XP with Service Pack 2 or 3 patch download
• Windows XP 64-bit Edition patch download
• Windows Server 2003 with Service Pack 1 or 2 patch download
• Windows Server 2003 64-bit Edition patch download
• Windows Vista with or without Service Pack 1 patch download
• Windows Vista 64-bit Edition with or without Service Pack 1 patch download
• Windows Server 2008 32-bit Edition patch download
• Windows Server 2008 64-bit Edition patch download

More information: Please read security bulletin MS08-067. For an excellent technical explanation of the vulnerability and possible mitigations, read TechNet's Oct. 23 description. (TechNet incorrectly refers to MS08-067 as "out-of-band," but the patch is simply out-of-cycle, because it wasn't released on Microsoft's usual Patch Tuesday monthly cycle.)

permanent link

 

Copyright (C) 2001-2008: The Rose Garden - The Universal Seduction series and material listed on our authors' page - All Rights Reserved. The Rose Garden and The Universal Seduction, Piercing the Veils of Deception is a registered trademark. The collective authorship takes no responsibility for articles authored by others. They are posted for your reading edification and we are neither advocating nor disavowing the information found therein. * Republication and re-dissemination of articles with an asterisk is expressly prohibited without prior written consent.