Robert Hensing's Blog

Software Security . . . and stuff.

Out of band security update planned for today (MS08-067)

Out of band security update planned for today (MS08-067)

  • Comments 1
  • Likes

Updated 10/23/2008 @ 1:17pm EST
We have pushed the update live - here's the direct link to the bulletin:http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx (if it doesn't work for you - keep trying - it will be live real soon now).
Also n
ote that the Microsoft Malware Protection Center also has generic detection for the malware dropped in the targeted attacks!
You can read more about it at the MMPC blog: http://blogs.technet.com/mmpc/archive/2008/10/23/get-protected-now.aspx
Finally my team has released a blog post with an interesting .C file linked at the end - for those who like to compile stuff and play around with ACLs: http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx
--------------------------------------------- 

The MSRC, SWI and some Windows product team folks have been working really hard to get a critical security update out the door this week and they just pushed the advanced notification thing live early this morning (EST).

http://blogs.technet.com/msrc/archive/2008/10/22/advance-notification-for-out-of-band-release.aspx

http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx

It's likely that by the time many of you read this - the update will already be available for download via WU/MU/WSUS etc. 
Be sure to go out and grab it - especially if you are running Windows XP or lower operating systems (as you can tell by the severity ratings in the advance notification thinger - it's critical on that platform).

As always we apologize in advance if this ruins anyone's weekend plans - I personally blame the miscreants. :)

P.S.  Keep an eye on my team's blog later today for more technical information: http://blogs.technet.com/swi

Comments
  • The only question remaining is what you mean by "miscreants" - the people writing the attack code, or the people writing the attacked code? :)

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment