If your software garbles this newsletter, read this issue at WindowsSecrets.com.
 | YOUR NEWSLETTER PREFERENCES Change Delivery address: cpedley.kill-that-computer@blogger.com Alternate address: cgpedley@gmail.com Locale: Canada L3B 5N5 Reader number: 35034-18272 |
|
| Windows Secrets NEWS UPDATE Issue 172a • 2008-10-24 • Circulation: over 400,000 |
| Table of contents INTRODUCTION: News update responds to threat of Web worm PATCH WATCH: Microsoft posts emergency defense for new attack |
| INTRODUCTION News update responds to threat of Web worm  By Brian Livingston We're publishing a special news update today to bring you a bulletin on a serious weakness in Windows. Susan Bradley, our contributing editor who covers Microsoft patches, has written an up-to-the-minute description of the latest situation, which potentially affects every recent version of Windows. I also might publish a special newsletter on Oct. 30. Windows Secrets wouldn't ordinarily post new content on that date, because we usually skip any 5th Thursday of the month. In the coming days, however, there may be enough detail about the latest flavor of Internet threats to warrant a special report. News updates like the one today have no paid content. The same version is e-mailed to all subscribers, first to our paying supporters and then to our free subscribers. Susan and I believe that the threat is serious enough for every Windows user to install the new MS patch without hesitation. This is the first time in 1½ years that Microsoft has released an emergency fix outside of its monthly Patch Tuesday cycle. See Susan's article for specific download links. We'll bring you more information as soon as we have it. Stay tuned. Brian Livingston is editorial director of WindowsSecrets.com and co-author of Windows Vista Secrets and 10 other books. |
| PATCH WATCH Microsoft posts emergency defense for new attack
MS08-067 (958644) Rare out-of-cycle patch emphasizes the risk With little warning, Microsoft released yesterday an unscheduled or "out-of-cycle" patch for a highly critical vulnerability that affects all versions of Windows. Security bulletin MS08-067 (patch 958644) was posted to warn of a remote-code attack that could spread wildly across the Internet. Microsoft says it found evidence two weeks ago of an RPC (remote procedure call) attack that can potentially infect Windows machines across the Net with no user action required. Windows Server 2003, 2000, and XP (even with Service Pack 2 or 3 installed) are particularly vulnerable. Vista and Server 2008 gain some protection via User Account Control, data-execution protection, and other safeguards, as explained in an article by Dan Goodin in the Register. While firewalls are a first line of defense against this attack, don't think you're secure just because you have a firewall. Malware and viruses use many different techniques to wiggle their way into our systems. For example, my office's networks are protected by firewalls on the outside, but inside the network, PCs have file and printer sharing enabled. If a worm got loose inside the office network (and the patch hadn't been installed), the attack would spread like wildfire. Many antivirus vendors have already issued definition updates that protect against this attack. Your antivirus program, however, may not protect you completely even if your AV definitions are up-to-date. Early reports indicate that there are already nine different strains of viruses trying to take advantage of this vulnerability. We can expect more to come, so even the best AV application may not be able to update fast enough. I've tested this patch and have had no problems applying it. I strongly urge you to download and install this patch manually. Restart your PC before installing any patch to verify that your machine is bootable. Then be sure to reboot again after installing the patch, so the patched binaries completely replace the vulnerable components. Microsoft has posted several versions of the patch that apply to different operating systems: • Windows 2000 with Service Pack 4 patch download • Windows XP with Service Pack 2 or 3 patch download • Windows XP 64-bit Edition patch download • Windows Server 2003 with Service Pack 1 or 2 patch download • Windows Server 2003 64-bit Edition patch download • Windows Vista with or without Service Pack 1 patch download • Windows Vista 64-bit Edition with or without Service Pack 1 patch download • Windows Server 2008 32-bit Edition patch download • Windows Server 2008 64-bit Edition patch download More information: Please read security bulletin MS08-067. For an excellent technical explanation of the vulnerability and possible mitigations, read TechNet's Oct. 23 description. (TechNet incorrectly refers to MS08-067 as "out-of-band," but the patch is simply out-of-cycle, because it wasn't released on Microsoft's usual Patch Tuesday monthly cycle.) The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She's also a partner in a California CPA firm. |
| PERMALINKS Use this permalink to share info with friends We love it when you include our links in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam" and corporate filters start blocking our e-mails.) All of today's articles are posted at: http://WindowsSecrets.com/comp/081024 Get our paid content by making any contribution
Thanks in advance for your support! |
| YOUR SUBSCRIPTION The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008. Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine). Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Associate Editors: Scott Dunn, Stuart J. Johnston. Program Director: Tony Johnston. Program Manager: Ryan Biesemeyer. Web Developer: Damian Wadley. Editorial Assistant: Katy Chenoweth Abby. Copyeditor: Roberta Scholz. Chief Marketing Officer: Jake Ludington. Contributing Editors: Susan Bradley, Mark Joseph Edwards, Woody Leonhard, Ryan Russell, Scott Spanbauer, Becky Waring. Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners. YOUR SUBSCRIPTION PREFERENCES (change your preferences): Delivery address: cpedley.kill-that-computer@blogger.com Alternate address: cgpedley@gmail.com Country: Canada ZIP or postal code: L3B 5N5 Reader number: 35034-18272 Bounce count: 0 Your bounce count is the number of times your server has bounced a newsletter back to us since the last time you visited your preferences page. We cannot send newsletters to you after your bounce count reaches 3, due to ISP policies. If your bounce count is higher than 0 or blank, please visit your preferences page. This automatically resets your bounce count to 0. To change your preferences: Please visit your preferences page. To access all past issues: Please visit our past issues page. To upgrade your free subscription to paid: Please visit our upgrade page. To resend a missed newsletter to yourself: If your mail server filtered out a newsletter, you can resend the current week's issue to yourself. To do so, visit your preferences page and use the Resend link. To get subscription help by e-mail (fastest method): Visit our contact page. Subscription help by facsimile: 206-282-6312 (fax). Emergency subscription help by phone: 206-282-2536 (24 hours). HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page. WE GUARANTEE YOUR PRIVACY: 1. We will never sell, rent, or give away your address to any outside party, ever. 2. We will never send you any unrequested e-mail, besides newsletter updates. 3. All unsubscribe requests are honored immediately, period. Privacy policy HOW TO UNSUBSCRIBE: To unsubscribe cpedley.kill-that-computer@blogger.com from the Windows Secrets Newsletter,
|
No comments:
Post a Comment
Thanks for understanding that we need to prevent the nasties.