http://www.theage.com.au/news/security/worm-alert-from-homeland-security/2006/08/10/1154803005087.html
Worm alert from Homeland Security Louisa Hearn August 10, 2006 - 12:44PM The US Department of Homeland Security is urging users of the Windows Operating System to apply security patches released by the company this week as quickly as possible. Flaws in desktop applications like Windows are being increasingly used to launch security attacks and Microsoft sends out monthly patch updates. However one of the recently discovered flaws in its operating system has attracted special attention from the DHS and other security organisations because of the widespread damage it could cause to IT systems. "Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch. This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users," the DHS warned. The MS06-040 server service vulnerability is considered the most "critical" of the security bulletins said anti-virus company, Symantec, because the possibility for a "widespread worm that may leverage this vulnerability is high" and could result in a complete system compromise. The MSBlast worm which infected hundreds of thousands of computers worldwide in 2003 is believed to have exploited a similar flaw, according to technology website CNET. Several of the other holes patched this week by Microsoft, including a PowerPoint vulnerability, have already been used in cyber attacks, but no widespread attacks on the MS06-040 flaw have yet been reported. The DHS said its Computer Emergency Readiness Team (US-CERT) was working closely with Microsoft to minimise any impact from the vulnerability. The PowerPoint flaw was exploited last month by the Trojan PPDropper.B which was widely circulated through email that contained a malicious attachment. Symantec said: "As desktop applications continue to grow as a target, it is important that users continue to install available updated software patches on all applications regularly." Windows users who receive automatic updates from Microsoft will already be protected by its most recent patches, however those who do not receive them are being urged by DHS to manually install the Microsoft security patch through Microsoft Update at http://update.microsoft.com/microsoftupdate. [Non-text portions of this message have been removed] *************************************************************************** Berdikusi dg Santun & Elegan, dg Semangat Persahabatan. Menuju Indonesia yg Lebih Baik, in Commonality & Shared Destiny. http://groups.yahoo.com/group/ppiindia *************************************************************************** __________________________________________________________________________ Mohon Perhatian: 1. Harap tdk. memposting/reply yg menyinggung SARA (kecuali sbg otokritik) 2. Pesan yg akan direply harap dihapus, kecuali yg akan dikomentari. 3. Reading only, http://dear.to/ppi 4. Satu email perhari: [EMAIL PROTECTED] 5. No-email/web only: [EMAIL PROTECTED] 6. kembali menerima email: [EMAIL PROTECTED] Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/ppiindia/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
