Select Tel Systems fire alarms low voltage network security cctv
   News   |   Products   |   ShoreTel VoIP   |   Services   |   Small Businesses   |   About Us   |   Contact Us   |   Help Desk   
   Home >> News Ms08-067
News

Alert on Microsoft Bulletin MS08-067
 
 
IMPORTANT
October 27, 2008 - v1.2

UPDATED
Microsoft has just acknowldged the first release of an Internet-based exploit of this vunerability:
www.microsoft.com/technet/security/advisory/958963.mspx

Also, we have found no conflicts with any system that we have patched, and Microsoft has made the same assessment - the patch is safe and very necessary to the security of your systems.

This is to keep you aware of the potential risks of this patch by Microsoft and encourage you to assess your security needs and network exposure.

Basically, a new method has been developed to exploit a network service that exists in nearly every currently support version of Microsoft Windows. A successful hacker can gain complete control of a computer using this method. Microsoft has released a patch to fix this vulnerability, and it needs to be applied to any system that has network access, especially Internet access.

This patch may cause some software that relies on network access to stop functioning, and therefore a remediation plan should be in place before applying the patch. This will mainly become apparent on servers with special considerations, as Microsoft has tested according to their published standards so most systems will not be affected. Pay particular attention to any system that is hosting customized software in a networked environment.

The Microsoft Bulletin that explains this situation is at:
www.microsoft.com/technet/security/bulletin/MS08-067.mspx

Getting the patch:
The best place is at update.microsoft.com
click on Express to get all the critical security updates available for your system, or
click on Custom to pick and choose - you are looking for patch 958644

**** this update will require a reboot of most systems ****

More technical details:
support.microsoft.com/kb/958644

FAQ
Frequently Asked Questions

  Q I have a firewall - why should I be concerned?
  A Firewalls are great and very necessary - however there are functional limitiations. In this case, the greatest cause for concern is your mobile users. When they take their laptops away from your protected network and travel, their risk for exposure is greatly increased. If they become compromised and return to your network with a virus or worm that exploits this issue, it will be from behind your firewall. The only reason not to patch a system is if the patch will break the function of that system. In that case, another solution will have to be implemented and protection should be placed around that system.

  Q Is the sky falling?
  A No, the sky is not falling, but due diligence needs to be exercised here.

  Q How long has this been known about?
  A It was brought to Microsoft's attention back in August. Their security response team began working on a solution and it became public knowledge on October 23, 2008

  
 
© 2009 Select Tel Systems, Inc. - v2.4 2009-06-10