URGENT: Critical Security Update from Microsoft
Microsoft has just released (October 23 2008) an out of band, security update to address a critical situation which could allow a remote attacker to take over Windows computers without any user interaction.
This security up date is released out of the current cycle of security patch updates, which proves the severity of the issue. The issue itself affects the server service. The malware could allow an attacker to execute some arbitrary code using a specially crafted remote procedure call request.
Microsoft have said "This security update resolves a vulnerability in the Server service that affects all currently supported versions of Windows," said Christopher Budd, a MSRC security program manager. Windows XP and older versions are rated as 'Critical' while Windows Vista and newer versions are rated as 'Important.' Because the vulnerability is potentially wormable on those older versions of Windows, we're encouraging customers to test and deploy the update as soon as possible."
Microsoft has said that the vulnerability is quite severe and can affect every version of the windows operating system.
Microsoft has identified the malwares used in these attacks as: "TrojanSpy:Win32/Gimmiv.A" and "TrojanSpy:Win32/Gimmiv.A.dll.".
To learn more, please visit the Microsoft website.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment