Microsoft Out-of-Band Security Bulletin
Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: Microsoft Out-of-Band Security Bulletin

  1. #1
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914

    Microsoft Out-of-Band Security Bulletin

    Good Morning All!

    I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day

    Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.

    I wonder what fun will await us.

    Tyler.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Exclamation

    Quote Originally Posted by HTRegz View Post
    Good Morning All!

    I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day

    Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.

    I wonder what fun will await us.

    Tyler.
    Or an awful way to start the afternoon (6Pm here).

    Just took a quick read over the linked page and i guess we will need to wait a little longer to get the whole picture.

  3. #3

  4. #4
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    If you haven't patched yet... patch.

    According to the MS Advisory it was only being used in targeted attacks. This has changed now... There's exploit code on a popular exploit website, and apparently there's a worm making the rounds.

    Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    "We also have to consider what this could mean to smaller retailers focused on PCI compliance. I worked for a small business in the past where they had SBS [Small Business Server] 2000 directly connected to the internet, and traffic was being routed through that server. Setups like this do exist and they are vulnerable
    Wouldnt a NAT router block this???


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by morganlefay View Post
    Wouldnt a NAT router block this???
    Yes, it would.. And so does a firewall..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #7
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    phew....luckly I have both

    who would have the server service pointing to the www anyway....you are just asking for trouble

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by morganlefay View Post
    who would have the server service pointing to the www anyway....you are just asking for trouble
    No sane person would do that.. But then again if all computer users were sane I would be out of a job
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Good point Sir Dice....me too!

    I guess the threat then would be infected laptops plugged in behind the firewall\router...so patching is still important.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #10
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    You can find Snort sig's here:

    http://www.emergingthreats.net/cgi-b...08-067?rev=1.1

    Cheers

    Just found out you are going to have to tweak these rules a bit, they must have been written in a hurry.
    Last edited by DjM; October 24th, 2008 at 04:35 PM. Reason: Sig's not working right
    DjM

Similar Threads

  1. August security hotfixes
    By mohaughn in forum Microsoft Security Discussions
    Replies: 1
    Last Post: August 9th, 2005, 07:37 PM
  2. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  3. October MS updates
    By mohaughn in forum Microsoft Security Discussions
    Replies: 2
    Last Post: October 13th, 2004, 04:31 AM
  4. Securing Windows 2000 and IIS
    By spools.exe in forum Microsoft Security Discussions
    Replies: 0
    Last Post: September 15th, 2003, 09:47 PM
  5. Lol Now I Know Why Everyone Hates Microsoft!!!
    By NUKEM6 in forum Non-Security Archives
    Replies: 10
    Last Post: January 24th, 2002, 05:21 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides