Must not affect W03 sp2 or XP sp3, there's no update for them.. Phil
-----Original Message----- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 1:58 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned Its out and its NASTY// MS08-067, publically being exploited right now, unauthenticted remote code execution against the server service, smells like a network worm with mass exploitation vulnerabilities to me. Happy patch Thrusday, just hope you don't get hacked by Friday... Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -----Original Message----- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 1:08 PM To: NT System Admin Issues Subject: Re: Out of Cycle Critical Windows Patch to be released today, stay tuned lols -- ME2 On Thu, Oct 23, 2008 at 1:01 PM, Tim Vander Kooi <[EMAIL PROTECTED]> wrote: > Damin it Jim...I'm a doctor not an administrator. > > > -----Original Message----- > From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 11:18 AM > To: NT System Admin Issues > Subject: Re: Out of Cycle Critical Windows Patch to be released today, stay tuned > > <shatner> > I see, what, you, are saying, but, you missed, his, point entirely, > or, are just, ignoring, it. > </shatner> > > -- > ME2 > > > > On Thu, Oct 23, 2008 at 12:07 PM, Rod Trent <[EMAIL PROTECTED]> wrote: >> Dang, Microsoft! I wish they'd stop trying to secure their products!!!! >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 12:00 PM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> Ok not so much of a trend, problem is they probably knew of the issue before >> this months patch cycle, and didn't release it with Critical rating on patch >> Tuesday but a week afterwards, during everyone(s) patching cycle for there >> information systems. Now we have to validate yet another patch and ask yet >> again for more downtime from the business on servers and workstations etc >> etc to get required patches on the machines to protect against the latest >> threat. >> >> >> >> What compounds it this month that there is already 11 patches to be tested, >> validated and deployed and vetted for issues afterwards, one of these >> patches is exploitable and could definitely lead to a worm (SMB flaw) now >> you add this remote exploitable, wormable patch, quiet possibly with public >> exploit code in the wild and active exploits, the risk factor goes up >> through the dam roof. >> >> >> >> Now imagine if you was the only person responsible for accomplishing all (4) >> tasks above, and this new exploit on top. That doesn't make for a happy >> camper in anyones reguards. >> >> >> >> Then factor the number of assets to protect by about 10,000. >> >> >> >> I think you start to get the idea, its pretty crystal clear in my mind. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> Network Engineer >> >> Lifespan Organization >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> Phone: 401-639-3505 >> >> ________________________________ >> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 11:48 AM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> Trend? This is the first out-of-cycle patch from MSFT since April 2007. >> >> >> >> Regards, >> >> >> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP >> >> My blog: http://TheEssentialExchange.com/blogs/michael >> >> Link with me at: http://www.linkedin.com/in/theessentialexchange >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 11:39 AM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> I am just pissed that they couldn't get this one out last week> Don't be >> surprised if you see a column in a leading magazine from me about this trend >> with M$ and other vendors. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> Network Engineer >> >> Lifespan Organization >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> Phone: 401-639-3505 >> >> ________________________________ >> >> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 11:25 AM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> The report on line shows Reboot Required if you open all the drop downs. It >> is for Remote Code Execution. It is Critical for Server 2003 all SPs and XP >> all SPs, Important for Vista/SP1 and Server 2008. >> >> TVK >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 10:19 AM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> We wont know until 2:00est, I am assuming it is, and it's a bad one so there >> is probably exploit code for it roaming the internet and its probably >> wormable on top of it. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> Network Engineer >> >> Lifespan Organization >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> Phone: 401-639-3505 >> >> ________________________________ >> >> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 11:16 AM >> To: NT System Admin Issues >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> >> >> >> And it does require a reboot after install. I hate when out of cycle patches >> require reboots. I prefer when my users don't know. >> >> >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> Sent: Thursday, October 23, 2008 6:28 AM >> To: NT System Admin Issues >> Subject: Out of Cycle Critical Windows Patch to be released today, stay >> tuned >> Importance: High >> >> >> >> Heads up gang, more patching for this month, this one out of cycle and >> critical no additional information yet. >> >> Z >> >> Edward E. Ziots >> >> Network Engineer >> >> Lifespan Organization >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> Phone: 401-639-3505 >> >> _____________________________________________ >> >> http://www.computerworld.com/action/article.do?command=viewArticleBasic&; articleId=9117878&source=NLT_AM&nlid=1 >> >> As if the 11 patches this month wasn't enough, now they releasing an >> out-of-cycle critical patch, >> >> Gotta love patchin, >> >> Z >> >> Edward E. Ziots >> >> Network Engineer >> >> Lifespan Organization >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> Phone: 401-639-3505 >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
