-
October 23rd, 2008, 06:47 AM
#1
Microsoft Out-of-Band Security Bulletin
Good Morning All!
I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day
Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.
I wonder what fun will await us.
Tyler.
-
October 23rd, 2008, 07:50 AM
#2
Originally Posted by HTRegz
Good Morning All!
I say good morning since it's 2AM here, and I assume many members won't read this until morning, and I think this is a wonderful way to start the day
Microsoft will be releasing a Out-of-Band Security Bulletin tomorrow.
I wonder what fun will await us.
Tyler.
Or an awful way to start the afternoon (6Pm here).
Just took a quick read over the linked page and i guess we will need to wait a little longer to get the whole picture.
-
October 24th, 2008, 03:01 AM
#3
-
October 24th, 2008, 06:43 AM
#4
If you haven't patched yet... patch.
According to the MS Advisory it was only being used in targeted attacks. This has changed now... There's exploit code on a popular exploit website, and apparently there's a worm making the rounds.
Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
-
October 24th, 2008, 01:54 PM
#5
"We also have to consider what this could mean to smaller retailers focused on PCI compliance. I worked for a small business in the past where they had SBS [Small Business Server] 2000 directly connected to the internet, and traffic was being routed through that server. Setups like this do exist and they are vulnerable
Wouldnt a NAT router block this???
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
October 24th, 2008, 02:03 PM
#6
Originally Posted by morganlefay
Wouldnt a NAT router block this???
Yes, it would.. And so does a firewall..
Oliver's Law:
Experience is something you don't get until just after you need it.
-
October 24th, 2008, 04:17 PM
#7
Originally Posted by HTRegz
Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
LOL, thanks!
Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.
-
October 24th, 2008, 02:08 PM
#8
phew....luckly I have both
who would have the server service pointing to the www anyway....you are just asking for trouble
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
October 24th, 2008, 03:13 PM
#9
Originally Posted by morganlefay
who would have the server service pointing to the www anyway....you are just asking for trouble
No sane person would do that.. But then again if all computer users were sane I would be out of a job
Oliver's Law:
Experience is something you don't get until just after you need it.
-
October 24th, 2008, 04:33 PM
#10
Originally Posted by morganlefay
phew....luckly I have both
who would have the server service pointing to the www anyway....you are just asking for trouble
MLF
You'd be surprised at how many people just plug their computer into their cable modem still, or directly into their DSL. When I was home last christmas, I discovered that was how my sisters internet was setup... I unplugged it and went straight out and got a linksys router to put in between.
One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.
I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
Similar Threads
-
By mohaughn in forum Microsoft Security Discussions
Replies: 1
Last Post: August 9th, 2005, 07:37 PM
-
By Tiger Shark in forum Microsoft Security Discussions
Replies: 5
Last Post: January 14th, 2005, 08:47 PM
-
By mohaughn in forum Microsoft Security Discussions
Replies: 2
Last Post: October 13th, 2004, 04:31 AM
-
By spools.exe in forum Microsoft Security Discussions
Replies: 0
Last Post: September 15th, 2003, 09:47 PM
-
By NUKEM6 in forum Non-Security Archives
Replies: 10
Last Post: January 24th, 2002, 06:21 AM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|