Microsoft Out-of-Band Security Bulletin
Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: Microsoft Out-of-Band Security Bulletin

Hybrid View

  1. #1
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914

    Microsoft Out-of-Band Security Bulletin

    Good Morning All!

    I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day

    Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.

    I wonder what fun will await us.

    Tyler.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Exclamation

    Quote Originally Posted by HTRegz View Post
    Good Morning All!

    I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day

    Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.

    I wonder what fun will await us.

    Tyler.
    Or an awful way to start the afternoon (6Pm here).

    Just took a quick read over the linked page and i guess we will need to wait a little longer to get the whole picture.

  3. #3

  4. #4
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    If you haven't patched yet... patch.

    According to the MS Advisory it was only being used in targeted attacks. This has changed now... There's exploit code on a popular exploit website, and apparently there's a worm making the rounds.

    Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    "We also have to consider what this could mean to smaller retailers focused on PCI compliance. I worked for a small business in the past where they had SBS [Small Business Server] 2000 directly connected to the internet, and traffic was being routed through that server. Setups like this do exist and they are vulnerable
    Wouldnt a NAT router block this???


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by morganlefay View Post
    Wouldnt a NAT router block this???
    Yes, it would.. And so does a firewall..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #7
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246
    Quote Originally Posted by HTRegz View Post
    Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
    LOL, thanks!

    Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.

  8. #8
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    phew....luckly I have both

    who would have the server service pointing to the www anyway....you are just asking for trouble

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  9. #9
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by morganlefay View Post
    who would have the server service pointing to the www anyway....you are just asking for trouble
    No sane person would do that.. But then again if all computer users were sane I would be out of a job
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  10. #10
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Quote Originally Posted by morganlefay View Post
    phew....luckly I have both

    who would have the server service pointing to the www anyway....you are just asking for trouble

    MLF
    You'd be surprised at how many people just plug their computer into their cable modem still, or directly into their DSL. When I was home last christmas, I discovered that was how my sisters internet was setup... I unplugged it and went straight out and got a linksys router to put in between.

    One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.

    I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Similar Threads

  1. August security hotfixes
    By mohaughn in forum Microsoft Security Discussions
    Replies: 1
    Last Post: August 9th, 2005, 07:37 PM
  2. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  3. October MS updates
    By mohaughn in forum Microsoft Security Discussions
    Replies: 2
    Last Post: October 13th, 2004, 04:31 AM
  4. Securing Windows 2000 and IIS
    By spools.exe in forum Microsoft Security Discussions
    Replies: 0
    Last Post: September 15th, 2003, 09:47 PM
  5. Lol Now I Know Why Everyone Hates Microsoft!!!
    By NUKEM6 in forum Non-Security Archives
    Replies: 10
    Last Post: January 24th, 2002, 05:21 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides