Oh yes it does.
Critical Security Bulletins
============================
Microsoft Security Bulletin MS08-067
- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium based Systems
- Windows Vista and
Windows Vista Service Pack 1
- Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems
- Impact: Remote Code Execution
- Version Number: 1.0
- John Barsodi
-----Original Message-----
From: Phil Thompson [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 11:27 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned
Must not affect W03 sp2 or XP sp3, there's no update for them..
Phil
-----Original Message-----
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 1:58 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned
Its out and its NASTY//
MS08-067, publically being exploited right now, unauthenticted remote
code execution against the server service, smells like a network worm
with mass exploitation vulnerabilities to me.
Happy patch Thrusday, just hope you don't get hacked by Friday...
Z
Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505
-----Original Message-----
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 1:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch to be released today,
stay tuned
lols
--
ME2
On Thu, Oct 23, 2008 at 1:01 PM, Tim Vander Kooi <[EMAIL PROTECTED]>
wrote:
> Damin it Jim...I'm a doctor not an administrator.
>
>
> -----Original Message-----
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:18 AM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch to be released today,
stay tuned
>
> <shatner>
> I see, what, you, are saying, but, you missed, his, point entirely,
> or, are just, ignoring, it.
> </shatner>
>
> --
> ME2
>
>
>
> On Thu, Oct 23, 2008 at 12:07 PM, Rod Trent <[EMAIL PROTECTED]>
wrote:
>> Dang, Microsoft! I wish they'd stop trying to secure their
products!!!!
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 12:00 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> Ok not so much of a trend, problem is they probably knew of the issue
before
>> this months patch cycle, and didn't release it with Critical rating
on patch
>> Tuesday but a week afterwards, during everyone(s) patching cycle for
there
>> information systems. Now we have to validate yet another patch and
ask yet
>> again for more downtime from the business on servers and workstations
etc
>> etc to get required patches on the machines to protect against the
latest
>> threat.
>>
>>
>>
>> What compounds it this month that there is already 11 patches to be
tested,
>> validated and deployed and vetted for issues afterwards, one of these
>> patches is exploitable and could definitely lead to a worm (SMB flaw)
now
>> you add this remote exploitable, wormable patch, quiet possibly with
public
>> exploit code in the wild and active exploits, the risk factor goes up
>> through the dam roof.
>>
>>
>>
>> Now imagine if you was the only person responsible for accomplishing
all (4)
>> tasks above, and this new exploit on top. That doesn't make for a
happy
>> camper in anyones reguards.
>>
>>
>>
>> Then factor the number of assets to protect by about 10,000.
>>
>>
>>
>> I think you start to get the idea, its pretty crystal clear in my
mind.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> ________________________________
>>
>> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:48 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> Trend? This is the first out-of-cycle patch from MSFT since April
2007.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>>
>> My blog: http://TheEssentialExchange.com/blogs/michael
>>
>> Link with me at: http://www.linkedin.com/in/theessentialexchange
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:39 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> I am just pissed that they couldn't get this one out last week> Don't
be
>> surprised if you see a column in a leading magazine from me about
this trend
>> with M$ and other vendors.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> ________________________________
>>
>> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:25 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> The report on line shows Reboot Required if you open all the drop
downs. It
>> is for Remote Code Execution. It is Critical for Server 2003 all SPs
and XP
>> all SPs, Important for Vista/SP1 and Server 2008.
>>
>> TVK
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 10:19 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> We wont know until 2:00est, I am assuming it is, and it's a bad one
so there
>> is probably exploit code for it roaming the internet and its probably
>> wormable on top of it.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> ________________________________
>>
>> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:16 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released
today, stay
>> tuned
>>
>>
>>
>> And it does require a reboot after install. I hate when out of cycle
patches
>> require reboots. I prefer when my users don't know.
>>
>>
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 6:28 AM
>> To: NT System Admin Issues
>> Subject: Out of Cycle Critical Windows Patch to be released today,
stay
>> tuned
>> Importance: High
>>
>>
>>
>> Heads up gang, more patching for this month, this one out of cycle
and
>> critical no additional information yet.
>>
>> Z
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> _____________________________________________
>>
>>
http://www.computerworld.com/action/article.do?command=viewArticleBasic&;
articleId=9117878&source=NLT_AM&nlid=1
>>
>> As if the 11 patches this month wasn't enough, now they releasing an
>> out-of-cycle critical patch,
>>
>> Gotta love patchin,
>>
>> Z
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
