All it takes is a hacked website serving up an .exe to a browser user who happily runs it.
Carl From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 7:22 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned All it takes is one VPN'ed computer that is infected to compromise the enterprise. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 7:17 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned I think having firewall enabled by default on Windows XP SP2+ and Windows Vista will help mitigate the issue in consumer land. Some of the orgs I work in now use router ACLs or FW rules to block RPC traffic across subnets/VLANs. That will help mitigate the issue as well Cheers Ken From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Friday, 24 October 2008 8:42 AM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned Prior to me being here this district ignored Code Red. They got nailed bad and had to shut down for a week and go re-image 3000 computers. Feel free to quote me on that if you need to J From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 5:28 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned I work at a hospital too, and this situation is a ohh well take NO for an answer, I have ran it all the way to the top here, and said its getting done, I don't care about the downtime its better to swallow the pill now then clean up the mess laters. I also come in early in mornings ( Like 3:00am or earlier to patch my systems each month) So I feel your pain. Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 _____ From: Chinnery, Paul [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 5:26 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned Must be nice. I work in a hospital so all of the clinical pc's are always on. The only thing we could do was to set up the reboot for 3:30 AM (same time as when I or my buddy have to do a real early shift to install patches and reboot servers.) _____ From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 11:16 AM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay tuned And it does require a reboot after install. I hate when out of cycle patches require reboots. I prefer when my users don't know. From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 6:28 AM To: NT System Admin Issues Subject: Out of Cycle Critical Windows Patch to be released today, stay tuned Importance: High Heads up gang, more patching for this month, this one out of cycle and critical no additional information yet. Z ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~