microsoft
Report a problem

Microsoft: Emergency Patch? It ain't so bad after all!

Steven Parker   on 23 October 2008 - 22:00 · 25 comments & 9996 views

Advertisement (Why?)
After issuing notification earlier today, of an imminent emergency critical patch needed for most versions of the NT core versions of Windows, Microsoft issued a patch for affected systems to Windows Update that resolved the issue this evening.

According to the notification given for the details of the update Microsoft stated: "A security issue has been identified that could allow an authenticated remote attacker to compromise your Microsoft Windows-based system and gain control over it."

Despite the unusual rush to get this patch out, it would be unfair to not give credit where credit is due to Microsoft for taking care of this vulnerability so quickly, albeit without much notice before and after the effect.

Link: For more information, or just run Windows Update.

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Steven Parker
User name: Neobond
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 25 additional comments
(7 replies) #1 +NeoFlux on 23 Oct 2008 - 22:02
There was certainly a lot of hype today, wasn't there? I can imagine Microsoft employee's were acting like the place was on fire to create so much hype.
#1.1 vetSHoTTa35 on 23 Oct 2008 - 22:07
lol.. i just imagined that. I installed it also and it was no big fan fair here. Glad i'm "up to date" however.
#1.2 Neobond on 23 Oct 2008 - 22:12
SHoTTa35 said,
Glad i'm "up to date" however.

and HOW!
#1.3 MMaster23 on 23 Oct 2008 - 22:16
Sure a lot of attention however hype? A hype is a lot of fuss about something that isn't worth the time it's getting.

A patch for fixing a critical hole in the Windows RPC security is kinda important in my book.

I'm guessing you wouldn't be so cool about it if it had already overwritten your security via some new worm.

Anyone remember sasser? Not the same flaw however the spread and result COULD be the same. Thanks to the fast respond by Microsoft, you're system is safer.
#1.4 +NeoFlux on 23 Oct 2008 - 22:21
MMaster23 said,
Sure a lot of attention however hype? A hype is a lot of fuss about something that isn't worth the time it's getting.

A patch for fixing a critical hole in the Windows RPC security is kinda important in my book.

I'm guessing you wouldn't be so cool about it if it had already overwritten your security via some new worm.

Anyone remember sasser? Not the same flaw however the spread and result COULD be the same. Thanks to the fast respond by Microsoft, you're system is safer.


The earlier title was 'Microsoft to release EMERGENCY patch for Windows today'.

Seemed like quite a bit of excitement went on there when writing up that title!
#1.5 Neobond on 23 Oct 2008 - 22:26
Didn't you know that we're all sensationalists at Neowin?
#1.6 cork1958 on 23 Oct 2008 - 22:49
Neobond said,
Didn't you know that we're all sensationalists at Neowin?


Don't ya know it?!!
Just got it on first of 6 machines. No thang to it!!

Did see the other article earlier this morning on here.
#1.7 +Kirkburn on 24 Oct 2008 - 01:19
Neobond said,
Didn't you know that we're all sensationalists at Neowin?

And what fun it is, too
#2 Mikeparkie on 23 Oct 2008 - 22:14
I am patched and safe from the bad people once again!
(2 replies) #3 Relativity_17 on 23 Oct 2008 - 22:29
A security issue has been identified that could allow an authenticated remote attacker to compromise your Microsoft Windows-based system and gain control over it.


Are you serious? Isn't that the whole point of authentication?
#3.1 MMaster23 on 23 Oct 2008 - 22:45
"On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit"

Need I say more?
#3.2 +TCLN Ryster on 24 Oct 2008 - 08:57
MMaster23 said,
"On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit"

Need I say more?

Indeed. They only need to be authenticated on Vista and Server 2008. Windows 2000, XP and 2003 can all be exploited without authentication. So without a personal firewall, a machine can be infected by malware written to exploit this vulnerability without user interaction. ala. Blaster and Nachi.
#4 leo221 on 23 Oct 2008 - 22:30
[b]microsoft today reported good earnings.

http://biz.yahoo.com/rb/081023/business_us_microsoft.html[/b]
(1 reply) #5 lylesback2 on 23 Oct 2008 - 23:03
At least now if a pandemic breaks out (unlikely now) Microsoft cant be to fault for this. I wonder exactly what the security risk was, and why was it rushed out the door? Was it a virus scare that could potentially crash NT based Windows systems?
#5.1 +TCLN Ryster on 24 Oct 2008 - 10:37
lylesback2 said,
At least now if a pandemic breaks out (unlikely now) Microsoft cant be to fault for this. I wonder exactly what the security risk was, and why was it rushed out the door? Was it a virus scare that could potentially crash NT based Windows systems?

No, it's a vulnerability that a nefarious person can exploit without needing to authenticate onto the computer they are attacking. In other words, they can infect your computer through the internet without you ever getting any kind of prompt. Only a desktop firewall or the patch will prevent this for machines on the internet.

The last vulnerability of this kind that I can remember, was the one that the Blaster and Nachi worms exploited a few years back. Thousands of computers around the world were infected with those worms and they are still floating around on the internet today. Put an unpatched XP SP1 machine on the internet now , and it'll be infected in a matter of minutes.

Last edited by TCLN Ryster on 24 Oct 2008 - 10:44
(3 replies) #6 whiplash55 on 23 Oct 2008 - 23:32
Just to be "extra safe" I installed XP-Antispyware 2009 keeps asking for $49.00 though. I do feel very safe though!
#6.1 MMaster23 on 24 Oct 2008 - 00:50
You do know that won't help you in this case?
It directly attacks your Server (RPC) service and can take over you machine not matter how much anti-spyware or anti-virus software you are using.
#6.2 +Kirkburn on 24 Oct 2008 - 01:20
MMaster23 said,
You do know that won't help you in this case?
It directly attacks your Server (RPC) service and can take over you machine not matter how much anti-spyware or anti-virus software you are using.

Google the name of that software

"XP Antispyware 2009 is a rogue anti-spyware program from the same family as XP Antivirus 2008."
#6.3 warwagon on 24 Oct 2008 - 01:36
MMaster23 said,
You do know that won't help you in this case?
It directly attacks your Server (RPC) service and can take over you machine not matter how much anti-spyware or anti-virus software you are using.
s

Thank you for the laugh. I know you were just kidding
#7 Dhilian on 23 Oct 2008 - 23:59
wanna feel safe? get a better firewall
(1 reply) #8 TC17 on 24 Oct 2008 - 04:12
So is this a new patch after the patch was already hacked?

http://www.nytimes.com/external/idg/2008/1...k-code-for.html

Took them only hours to hack it.
#8.1 random_n on 24 Oct 2008 - 05:14
No, this article you link to tells of working exploit code that will run on systems that have not yet had this patch applied. The exploit code was created by reverse engineering Microsoft's patch.
(2 replies) #9 leesmithg on 24 Oct 2008 - 05:26
This is why I don't like patch Tuesday.

If there is a problem then fix it.

Don't wait till 30 days after the problem is found.
#9.1 kiddingguy on 24 Oct 2008 - 09:04
Agree!
And for those who like to update once a month... please do so and be my guest. Let me do the update myself when a (critical) patch is released.
#9.2 Airlink on 26 Oct 2008 - 19:43
I agree that "critical" patches should be released ASAP. If they need to update the patch later, that's fine: I'd rather get a patch that need some work than no patch at all.

There is a place for the Patch Tuesday cycle, but "emergency" patches need to come out as soon as they can, regardless of what day of the month it is.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1345) © 2000 - 2008 Neowin.net