Major Windows security patch released

Author: Gareth Halfacree
Published: 24th October 2008
Comments (12) Stumble
Major Windows security patch released

I'm not sure Bill would be smiling so widely had he known about the MS08-067 flaw when this picture was taken.

Microsoft has broken its monthly patch cycle to release an urgent update for Windows 2000, XP, 2003, Vista, and 2008 in order to fix a critical security vulnerability which is already being exploited in the wild.

The bulletin, released yesterday, outlines a flaw in the Server service which allows for remote code execution upon receipt of a specially crafted RPC request – which is to say that this vulnerability does not require user interaction to exploit, making it a particularly nasty little bug. While the flaw requires that your firewall rules allow RPC requests in, it's certainly easier to exploit than most modern Windows vulnerabilities – and trivial from within a local network.

Interestingly, the flaw – which dates right back to Windows' roots in the New Technology (NT) era – also affects the latest pre-beta release of Windows 7, the next-generation Microsoft OS. Although the flaw still exists in Windows 7, it's not quite as bad as prior versions – an attacker must already be authenticated against the target system, which is not required for previous versions of Windows. As a result, Microsoft rates the bug as 'Important' rather than 'Critical' for this OS.

For us mere mortals still using Vista or – heaven help us – XP, the flaw is 'Critical' and requires immediate patching to prevent the baddies from wreaking havoc on your nice shiny system. The best way to fix the issue is to download the update via the [eurl=http://update.microsoft.com[/eurl]Microsoft Update[/eurl] site, which will require a reboot. If that's not possible right now, there are some workarounds: disable both the Computer Browser Service and Server services on Windows 2000 or XP, and Vista or Server 2008 users can filter the affected RPC identifier via netsh as shown in the bulletin. Failing all of that, blocking ports 139 and 445 at the firewall will prevent the nasties from getting in, but is likely to break file sharing and network logon functionality.

This latest security flaw in the Windows core code is embarrassing for Microsoft, but potentially even more so for its customers – I can't stress enough how important it is to ensure you are protected against this issue as soon as possible.

Is this latest gaffe the straw that breaks the camel's back and sends you scurrying for an alternative OS, or is it just bad luck that it's taken Microsoft so many years to spot the flaw? Share your thoughts over in the forums.
Quote shigllgetcha 24th October 2008, 13:00
the code for the link to the update is written wrong
Quote chrisb2e9 24th October 2008, 14:08
what would actually happen to your pc if this happened to you?
Quote TreeDude 24th October 2008, 14:25
Quote:
Originally Posted by chrisb2e9
what would actually happen to your pc if this happened to you?

That is up to the attacker. They pretty much gain full control of your PC.
Quote SlickGnome 24th October 2008, 14:46
YAY 40 Servers to Patch and the Patch system blew up at end of last week and is still being rebuilt.... This is gonna take a while.
Quote Xir 24th October 2008, 14:58
Well there's a nice fridayafternoon job for you ;-)
Quote Jordan Wise 24th October 2008, 18:21
this damn patch stopped the audio working on my eee 1000h
Quote themax 24th October 2008, 19:02
I recieved an update lastnight from Microsoft (Assuming this was that update) on my Vista computer and found that Windows Defender went and turned itself back on after the reboot. :?
Quote hodgy100 24th October 2008, 20:25
damn i need this and windows update has broken on my pc :(
Quote Buzzons 24th October 2008, 22:47
just block the tcp ports on the router - they shouldn't be open any way.
Quote LordPyrinc 24th October 2008, 23:08
Apparently I got the update last night. So far no audio issues, but I'm not running an Eee.
Quote Crunch77 25th October 2008, 21:22
Updated on Vistax64. Audio skipping in intro to AoC and fps in low teens-single digit.
Somehow PCIe was at x1. Reinstalled graphicsdriver and all is fine again 90+fps
Quote azrael- 26th October 2008, 17:29
Quote:
For us mere mortals still using XP or – heaven help us – Vista...
There! Fixed that nasty little typo for you... :)

On another note, how embarrassing is it for Microsoft to STILL have security issues related to RPC? One would have thought they'd finally locked this down after the Blaster (and, I believe, Sasser) worm ravaging the Windows platform. I guess not...
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.