Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Attacks on MS08-067

Attacks on MS08-067

  • Comments 1
  • Likes

As we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk. Otherwise we would not have gone out of band…

Interestingly enough, we have not seen widespread attacks since now. Earlier today now we released different pieces of information on the two key blogs on that:

The reason why I post and why this attacks makes me a little bit nervous is that I hear from too many customers still that they did not yet deploy and the reason behind is that “they heard that we might have issues with this update”. Sorry, this is blank nonsense.

To be clear: Out of all support cases Microsoft has received regarding MS08-067, all of them (and I mean all – no exception) turned out to be caused by another issue and/or mis-configuration and not MS08-067! So, there were no issues with this update so far.

It is your choice now to decide whom you base your risk assessment on: On some web pages telling you that they heard or on us.

Whatever you do, base your risk assessment on the fact that there is somebody out there exploiting the vulnerability

Roger

Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment