Skip to main content
Sign In |
  Help (new window)

Home
Kinetics Handy Hints
News From Kinetics
General Information
Products and Services
Careers
Case Studies
Secure Login
  
Home > News From Kinetics

Urgent Security Warning 

View All Site Content

 
25/10/2008  Andrew Hunt 

Not again!  Well, actually it has been a very long time since there has been a vulnerability found like this - many years.  And, to their great credit, Microsoft have been very public, and very proactive, about drawing attention to the problem, and the solution. I guess the analogy is to airport security - if there weren't these idiots trying to destroy the world, then we wouldn't need to go through the pain and cost of all that security, but we'd rather not run any unnecessary risks.

This one is all about a thing called a worm.  A worm is a programme that gets loaded on one PC or laptop, then spreads to infect others.  Most firewalls will block it, but if this gets onto a "trusted" PC, such as a laptop, or a remote machine that then "VPNs" back to your work network, then the virus can spread.

What should you do? 

The answer is 'Contact us to arrange a convenient time for us to update your system'   

The update doesn't take long but it does require a reboot. 

Effected Systems - Windows 2000, 2003, XP

Limited exposure  - Windows 2008 and Vista

Contact us

email support@kinetics.co.nz

or

call 09 379 8200 or 0800-KINETICS

Most of our clients maintain excellent firewalls, and the latest antivirus and we do everything practical to ensure all PCs are up to date.  This will significantly reduce your risk, but it's not enough to rely on this.  Some machines may sneak through, particularly home PCs that 'VPN' back to work or roaming laptops.  And sometimes there are machines for which the updates don't always work, or are deliberately left alone for a particular reason.  We'd really like to revist these and minimise your exposure.

We work hard to keep our contracted clients up to date with all security patches.  We'll be working hard to get all those computers updated as quickly as possible.  Our KARE contracted clients will get priority service, but everyone is important to us, and we'll be aiming to be as proactive as we possible can.

What Microsoft say : This alert is to provide you with an overview of the new security bulletin released (out of band) on October 23, 2008. Microsoft has released security bulletin MS08-067, Vulnerability in Server Service Could Allow Remote Code Execution (958644), to address a vulnerability in all currently supported versions of Windows. This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers.

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.