
Thread: February MS Security Patches Posted

  1. #11
    Honestly, I'm not sure either. Our Microsoft TAM couldn't give us details either, but they all seem to be agreeing that Exchange is vulnerable itself.

    It worries me enough to step up patching on the Exchange side of the house.

  2. #12
    With the ability to 'rollback' patches and uninstall 'Hotfixes' these days, I would suggest that everyone look into SUS/WUS for their MS environments.

    Automating the basics of patch management is the way to go. SUS is free and easy to set up. Highly controllable through GPO or the old-fashioned way with registry edits. You can find a lot of tools and support at www.susserver.com. By far one of the most useful SUS/WUS sites on the net. It is loaded with tutorials and tools that make setup/install/maintenance a breeze.

    Just another way to keep in step or one step ahead of the game. And we all know that helps given the pace we are forced to play.
    Civilization. The death of dreams.

  3. #13
    I guess what I'm hung up on is the line:
    "On Exchange Server 5.0, Exchange Server 5.5, Exchange 2000 Server, and Exchange Server 2003 any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability."
    The comment about requiring user interaction is not tied to Exchange but rather the OS:
    "User interaction is required to exploit this vulnerability on Windows 2000, Windows XP, and Windows Server 2003."
    ...that's how I read it. Maybe I'm splitting hairs here, but this hair is an ugly email worm that could take down an Exchange server with a simple email.

    Call me paranoid! (sigh)

  4. #14
    Originally posted here by digitalgadfly
    With the ability to 'rollback' patches and uninstall 'Hotfixes' these days, I would suggest that everyone look into SUS/WUS for their MS environments.
    You're right in principle, however one of these patches, MS05-009, cannot be rolled back according to Microsoft.

    It's the patch for MSN Messenger for XP SP1 they are referring to.
    /snip from their bulletin here: http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx
    "Microsoft Windows Messenger 4.7.0.2009 on Windows XP Service Pack 1"
    So my point is test-test-test (at least as best you can).

    You're right about SUS: it's a godsend!

  5. #15
    As I said, I'm not sure what the technical details are here. Our Microsoft technical guys even seemed unsure. All they can say is "Exchange vulnerable, patch soon."
