Microsoft to release EMERGENCY patch for Windows today

Cheers Bink for the heads up that Microsoft has notified him that they will release an emergency security patch later today.

Thursday October 23rd, 17:00 GMT (That is 19:00 for GMT+1).

All Microsoft has said so far is that the vulnerability can be remotely exploited by malware.

Microsoft advises every Windows user / Administrator to update their machines, every currently supported Windows version is affected, so: Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008 & Windows Server 2008 Core Installation.

Bink goes on to say "I'm not sure if all editions are affected, but it does look like it, so also Windows Embedded, Windows CE, Hyper-V Server? To my knowledge this is only the second time that Microsoft has released an out of band security patch."

Link: Microsoft Security Bulletin Advance Notification for October 2008

Report a problem with article
Previous Story

Office 2007 SP2 due in spring

Next Story

Broadband users reach their limit

54 Comments

Commenting is disabled on this article.

Does it effect systems that have an internet net connection but are just at the desktop not doing any active web browsing. Like my voice mail server. I mean its behind a router.

warwagon said,
Does it effect systems that have an internet net connection but are just at the desktop not doing any active web browsing. Like my voice mail server. I mean its behind a router.


Is it really so much trouble to download it and apply it?

asusfreak said,
Is it really so much trouble to download it and apply it?

Well with any Microsoft patch on a server you have to assume that once the patch is applied and the system restarted that windows may not boot back up. Rare as it might be could happen.

Cheers Bink for the heads up that Microsoft has notified him

it was announced in one of microsoft's security newsletters yesterday...
I'm not sure if all editions are affected

including the Affected Software bit


I did the update and my catalyst control center crashed and closed.
can't find what happened. anyone else have trouble?

update: I restarted again and the CCC was restored.
hmm...curious.
oh well, better now.

Yes, I'm now installing it.
What kind of really deep problem is being fixed? It must be something within the foundation of Windows, since Windows 2000 is also affected.

More Information
http://blogs.technet.com/msrc/archive/2008...7-released.aspx
http://www.microsoft.com/security/portal/E...%2fGimmiv.A.dll
http://www.microsoft.com/security/portal/E...in32%2fGimmiv.A

Thursday, October 23, 2008 10:33 AM by MSRCTEAM
MS08-067 Released
Hi,

This is Christopher Budd. Following up on my post from last night, I wanted to let you know that we’ve released MS08-067 today.

This security update resolves a vulnerability in the Server service that affects all currently supported versions of Windows. Windows XP and older versions are rated as “Critical” while Windows Vista and newer versions are rated as “Important”. Because the vulnerability is potentially wormable on those older versions of Windows, we’re encouraging customers to test and deploy the update as soon as possible. To help you better understand the details around the vulnerability, my colleagues over at the Security Vulnerability Research & Defense blog have provided some more information here. Also, Michael Howard has provided some background on the vulnerability from the Security Development Lifecycle perspective here.

In addition, to releasing a security update to address the vulnerability, we’ve also taken steps to help enable broader protections for customers. Specifically, our colleagues in the Microsoft Malware Protection Center have released updated signatures that can enable Microsoft Forefront and Microsoft OneCare to protect against current attempts to exploit the vulnerability (Exploit:Win32/MS08067.gen!A). You can read about what they’re doing to help protect here. We have also provided information to our security partners in our Microsoft Active Protections Program and our Microsoft Security Response Alliance Program. We encourage all customers to update the signatures for their security protection products to help provide protections while they’re testing and deploying these updates.

We discovered this vulnerability as part of our research into a limited series of targeted malware attacks against Windows XP systems that we discovered about two weeks ago through our ongoing monitoring. As we investigated these attacks we found they were utilizing a new vulnerability and initiated our Software Security Incident Response Process (SSIRP). As we analyzed the vulnerability in our SSRP process, we found that this vulnerability was potentially wormable on Windows XP and older systems. Our analysis also showed that it would be possible to address this vulnerability in a way that would enable us to develop an update of appropriate quality for broad distribution quickly. Based on those two factors, we felt that it was in the best interest of customers for us to release this update before the regular November release cycle.We have also have detection for the malware we found used in attacks exploiting this vulnerability (TrojanSpy:Win32/Gimmiv.A and TrojanSpy:Win32/Gimmiv.A.dll) in the signatures the MMPC is releasing today and sharing that information with our partners.

We aren’t done when we release an update. Our Customer Service and Support teams are ready to support customers as they deploy the update. And our security teams, and our partners, are monitoring for active attacks against this vulnerability. As always, we’ll update you with any information that we have as it develops.

In the meantime, we encourage you to test and deploy the security updates and security software signatures as soon as possible.

Thanks,

Christopher

*This posting is provided "AS IS" with no warranties, and confers no rights.*


Anonymous comments are disabled

There's one reason why i still prefer Microsoft. They love their developers. Just like Linux enterprises. But Apple tries to create a somewhat "fake" world where everything is beautiful and streamlined.
Also, Microsoft gives cool info to its enthusiastic community. Sometimes. Well, whats a new release/patch without "suspense".

P.s.: Do you remember iPhone's restrictive approval of apps? Apps without class can't appear in an iPhone. That's what i call "fake" perfection.

You know...I love how everyone bashing MS has no idea what they're talking about from a support point of view....you guys just don't get it.

There is a reason people stick with a product, or a company. You don't necessarily have to like the product. In fact, the product could be just mediocre...like some versions of windows have been. But What keeps customers hooked or coming back is the excellent support that is rendered for that product. Microsoft patching things so quickly is proof that they support their products.

Yeah it may not be the greatest thing ever, but If i had a choice between a company that made an "OK" product, but patched it routinely, or continued to fix it, and a company that made a "Great" product, but hardly patched it, or never told me when fixes were going to be available, or their support sucked...most people will always go for the ok product because they know the support is going to be there.

Let me guess: you've never used anything but Windows your whole life, nor have you ever given any thought to how Windows winds up on a person's computer.

Let's not get preachy here. I use all three of the "big" operating systems and they're all roughly the same (that's right, I'm looking beyond aesthetics). It's the applications that you run that make a greater difference in your life, and it isn't very often that you can find every single application that you need on a single operating system.

SirEvan said,
You know...I love how everyone bashing MS has no idea what they're talking about from a support point of view....you guys just don't get it.

There is a reason people stick with a product, or a company. You don't necessarily have to like the product. In fact, the product could be just mediocre...like some versions of windows have been. But What keeps customers hooked or coming back is the excellent support that is rendered for that product. Microsoft patching things so quickly is proof that they support their products.

Yeah it may not be the greatest thing ever, but If i had a choice between a company that made an "OK" product, but patched it routinely, or continued to fix it, and a company that made a "Great" product, but hardly patched it, or never told me when fixes were going to be available, or their support sucked...most people will always go for the ok product because they know the support is going to be there.


totally agree with you there.

too many people complain Microsoft is patching their products too much, but in reality, they don't patch that often. Just be glad your product is safe and secure for the time being. If you don't like it, switch to something else and don't comment on these issues at hand.

Ledgem said,
Let me guess: you've never used anything but Windows your whole life, nor have you ever given any thought to how Windows winds up on a person's computer.

Let's not get preachy here. I use all three of the "big" operating systems and they're all roughly the same (that's right, I'm looking beyond aesthetics). It's the applications that you run that make a greater difference in your life, and it isn't very often that you can find every single application that you need on a single operating system.

I've used Dos, Linux, Windows, and Mac OSX. I prefer to use windows however....though thats besides the point. I'm not defending the OS, I'm defending the company. They may make crappy software, but the fact that they continually strive to update it and patch any flaws in it makes me continue to stick with them....THE SUPPORT.

I never said that the company was great, or that their products were gold...I'm only saying that they are trying their best to support their products in a timely manner, and I am applauding them for that.

"it isn't very often that you can find every single application that you need on a single operating system."

If you're talking to the Mac audience then this may be true. That's why running Windows is now one of their top selling points. However, very few people need more than one OS to run all their applications. Where you got that idea is beyond me.

sweet, let's get this out in a timely fashion. Not rush it and then gotta fix it again but glad they are at least on top of it.

Props to MS for getting this out ASAP. Still, I wish I would have known in advance what the problem was and how I might have been able to lower my risk.

I'm behind a firewall and primarily use FireFox with NoScript -- hope that has been enough.

MafiotuL said,
Yet another reason to hate Microsoft and to quit using WINDOWS.

Why? Mac and Linux dont have to fix any exploits? At least MS is fast, and has been proven to be the fastest, at releasing patches. I would rather run an OS that patches quickly than an OS that is slow and cannot get it right the 1st time (OSX)

MafiotuL said,
Yet another reason to hate Microsoft and to quit using WINDOWS.

have you gone mad? This is another reason why Microsoft is doing their job to address this issue. Had they never of released this statement, I bet you would of had no idea about this exploit.

Well then, by that logic, better HATE all software companies that release patches and all their products. That includes Apple and OS X, oh no!!!!

techbeck said:
Why? Mac and Linux dont have to fix any exploits? At least MS is fast, and has been proven to be the fastest, at releasing patches. I would rather run an OS that patches quickly than an OS that is slow and cannot get it right the 1st time (OSX)

C_Guy said:
Well then, by that logic, better HATE all software companies that release patches and all their products. That includes Apple and OS X, oh no!!!!

C_Guy said:
Well then, by that logic, better HATE all software companies that release patches and all their products. That includes Apple and OS X, oh no!!!!


The reason is not that update is released! That's a good thing! , The reason for what i've said is the VULNERABILITY ITSELF! Too MANY for Microsoft's operating system!

Windows Vista and Windows Server 2008 updates are marked as Important, not critical.

Yet another reason to use Vista

Kinda makes those new Apple ads full of **** huh? MS patches there software quickly and correctly. Yet another example how MS puts the customers first.

I love how Microsoft focuses on putting users first and making us aware of serious problems before they escalate or get exploited before they do anything. The past outbreaks with Nimda, Welchia, Code Red really thought them a lesson in patch management. Kudos Microsoft!

If the exploit is present in way older code, then it's been around for a long time (Come on, this affects Windows 2000!). But yeah, at least it's fixed now.

On Microsoft's security bulletin:

Microsoft Windows 2000 Service Pack 4
(Critical)

Windows XP Service Pack 2 and Windows XP Service Pack 3
(Critical)

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
(Critical)

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
(Critical)

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
(Critical)

Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
(Critical)

Windows Vista and Windows Vista Service Pack 1
(Important)

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
(Important)

Windows Server 2008 for 32-bit Systems
(Important)

Windows Server 2008 for x64-based Systems
(Important)

Windows Server 2008 for Itanium-based Systems
(Important)

Well, it seems all Windows OS are affected, but Windows Vista and Windows Server 2008 updates are marked as Important, not critical. I suspect that the new security technologies in Microsoft's latest OS makes the attack less effective/harder to execute.. I guess...

rm20010 said,
^^ Probably.

Also amusing to note is Windows 7 pre-beta is also affected.

Why is it amusing, or even surprising. Since Vista is affected isn't it obvious the early builds of Windows 7 will be too?

cork1958 said,
Yeah, baby!!


How can you get excited by a patch!?

I guess some people are turned on by very different things i.e. MS patch. LOL!

st_tammy said,
How can you get excited by a patch!?

I guess some people are turned on by very different things i.e. MS patch. LOL!

It's not about being "turned on." It's about liking that MS is taking the security of its users seriously.

guylaroche said,

It's not about being "turned on." It's about liking that MS is taking the security of its users seriously.

It's both for me