The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  MS releases out-of-band patch for all Windows versions
Time: 05:46 EST/10:46 GMT | News Source: ActiveWin.com | Posted By: Kenneth van Surksum

This morning i received an email from MS stating that as of today (23rd of October) Microsoft will release an critical out-of-band security update. The update is related to a remote code execution vulnerability.

The full version of the Microsoft Security Bulletin Advance Notification for October 2008 can be found at http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx.

Write Comment
Return to News

  Displaying 1 through 25 of 184
Last | Next
  The time now is 4:02:39 PM ET.
Any comment problems? E-mail us
#1 By 24214 (170.63.96.108) at 10/23/2008 9:57:08 AM
Word on the street is whatever this patches could have implications on levels of Nimda if you don't patch.

#2 By 23275 (71.91.9.16) at 10/23/2008 10:02:25 AM
any truth to it being related to a kernel level function of how much memory is allocated within kernel space for unassembled tcp sessions? If so, plan on patching the moment a patch is issued.

This post was edited by lketchum on Thursday, October 23, 2008 at 10:11.

#3 By 24214 (170.63.96.108) at 10/23/2008 10:19:55 AM
I don't know the details yet, but we've already made the decision to patch at release w/o testing after speaking with our TAM.

#4 By 23275 (71.91.9.16) at 10/23/2008 11:13:22 AM
#3, same here - capturing new ASR's/ERD's and Last Known State across the board now and ahead of release.

The harder part is how best, and without much good information at all, to communicate what we have to do and why, with customers without sounding alarmist - while stressing the importance of near-immediate action.

This post was edited by lketchum on Thursday, October 23, 2008 at 15:04.

#5 By 1896 (68.153.171.248) at 10/23/2008 12:18:53 PM
#3: Same here; no matter that for Vista and Server 2008 is rated "Important" and not "Critical", we will install it right away.
Just in case we have imaged everything :-)
I would also say that I am pleased with the way MS acted: quick and responsible.

This post was edited by Fritzly on Thursday, October 23, 2008 at 12:19.

#6 By 1896 (68.153.171.248) at 10/23/2008 1:54:12 PM
WOW!!! MS is really proactive here: there is even a fix for Windows 7.
What a pity I cannot patch it.

http://www.microsoft.com/downloads/results.aspx?pocId=&freetext=KB958644&DisplayLang=en

#7 By 24214 (170.63.96.108) at 10/23/2008 2:49:13 PM
Just got off of a call with our http://www.msisac.org/ partners and there are reported exploits in the wild already. Client OS version of the exploit requires NO authentication to happen. The sever OS version does by default unless you've customized server default security to a lesser level require Authentication to perform.

#8 By 54556 (68.35.10.96) at 10/24/2008 8:04:00 AM
The patch was released on the 12th with all the other Patch Tuesday patches. The only thing that is "out of band" here is the notification update.

The "out of band" exploit is RPC based to the server service, the relevant port should be blocked at a business' firewalls as a matter of best practices anyway, minimizing the vulnerability.

#5, You don't test all patches??? Amazing.

This post was edited by notketchum on Friday, October 24, 2008 at 08:12.

#9 By 17855 (205.167.180.132) at 10/24/2008 8:45:51 AM
#8 Where do find that it was released on 10/12/2008? All relevent information on KB958644 indicates it was released 10/22/2008.

#10 By 1896 (68.153.171.248) at 10/24/2008 8:49:47 AM
#8: Usually we do; considering the urgency I decided to install it right away.
Granted we are not speaking of a 5000 desktop domain here so I can take shortcuts that bigger companies could not.
Besides my understanding is that yesterday patch is a "revised" one and not the same released on Tuesday, again just my understanding.

This post was edited by Fritzly on Friday, October 24, 2008 at 08:50.

#11 By 23275 (71.91.9.16) at 10/24/2008 8:56:04 AM
#9, the OOB update actually updates the netapi32.dll that was first updated 8 Aug, 2006 - that is the vuln. It is accessed via the RPC Server Service and you are right, the revised update was released on the 23rd.

TCP ports 139 and 445, which are normally blocked by enterprises and SOHO NAT devices do mitigate the vuln.; however, XP clients under certain circumstances and regardless of their own firewalls being on, would still be vulnerable.

Since the exploit is potentially wormable, MS assessed the threat to be significant enough to warrant an OOB update - in light of exploit code being discovered in the wild by the MS Fore Front and Live OneCare teams.

Of interest to me was the original concern that the specific area being exploited in netapi32.dll as accessed via the RPC Server Service, did relate to our initial concerns about unassembled tcp sessions. Not hard to conclude when the alert said "all supported operating systems" - so it was probable that an earlier update was the subject of analysis and the only one in recent memory that would also be shared would have been the vuln. originally addressed in Aug 2006.

This post was edited by lketchum on Friday, October 24, 2008 at 08:57.

#12 By 23275 (71.91.9.16) at 10/24/2008 9:11:23 AM
REF my 11 above - if you're interested in the original MS06-040 that the OOB updated on the 23rd, here it is, http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx

Additional fixes were released on 12th Sep, 2006 which addressed performance issues induced by the original update as at, KB921883

#13 By 2960 (70.177.180.170) at 10/24/2008 12:56:58 PM
It installed on my machine overnight automatically.

TL

#14 By 2332 (66.92.78.241) at 10/24/2008 4:54:55 PM
This is a very serious bug. I spent most of the day patching my office and production environments. I'm now 100% patched.

Microsoft would only have done an out-of-band release if they were seeing attack code in the wild. Otherwise it would have waited until November's Patch Tuesday release.

That said, I have a feeling the affects of this will be minimal. Virtually all organizations block the ports needed for this to work. (We certainly do.) So the threat is limited to infected machines being introduced inside the firewall.

Thanks to Windows Update, most user's home machines should be patched be the end of the weekend. Much like a vaccination for the flu, as long as a large percentage of machines are patched, it becomes extremely difficult for infected machines to spread the worm.

I'm sure we'll hear about some corporate network being owned, but overall this won't be another Nimda. Times have changed.

#15 By 4240821 (213.139.195.162) at 10/27/2023 7:28:33 AM
https://sexonly.top/get/b604/b604cnvtwlmmmjadtdu.php
https://sexonly.top/get/b251/b251crtqozpuukbbpbp.php
https://sexonly.top/get/b817/b817wepdmxwqacjfwqg.php
https://sexonly.top/get/b408/b408tivetylhnosinms.php
https://sexonly.top/get/b787/b787aojoekpcbtaerqo.php
https://sexonly.top/get/b377/b377wkolqdquzemnrrb.php
https://sexonly.top/get/b647/b647wujmnszawcjfwqn.php
https://sexonly.top/get/b643/b643uytkhhbydtxgpnj.php
https://sexonly.top/get/b81/b81mchsnrtkxrihcpt.php
https://sexonly.top/get/b215/b215xwbaoxoirskzkqf.php
https://sexonly.top/get/b598/b598kbxawvzvytvmqzg.php
https://sexonly.top/get/b290/b290joevphwxvldoniv.php
https://sexonly.top/get/b963/b963fpquzmxcstzizkb.php
https://sexonly.top/get/b749/b749vartuzovzhunhey.php
https://sexonly.top/get/b675/b675thipikiqohcijmd.php
https://sexonly.top/get/b835/b835fpmcybcjzhazukd.php
https://sexonly.top/get/b353/b353dirjtkwywnuyamk.php
https://sexonly.top/get/b983/b983pdjfqwvdyjconwq.php
https://sexonly.top/get/b391/b391nhwhwtdhmeywzym.php
https://sexonly.top/get/b543/b543odpxpckurgahqrj.php
https://sexonly.top/get/b346/b346npakkfvejkhmezu.php
https://sexonly.top/get/b981/b981egeyxctcgxvvdcv.php
https://sexonly.top/get/b554/b554yelbatzpffocdee.php
https://sexonly.top/get/b237/b237hbrhdjizyvggyaz.php
https://sexonly.top/get/b560/b560ssthfatmvidmriq.php
https://sexonly.top/get/b922/b922mdybaxikmhgyzrb.php
https://sexonly.top/get/b824/b824zztsmftjxidzqht.php
https://sexonly.top/get/b830/b830pidjjnjmwaztkbg.php
https://sexonly.top/get/b852/b852dqowlhqwnlcesdv.php
https://sexonly.top/get/b19/b19xiwiepfjicqeuhc.php
https://sexonly.top/get/b985/b985ewqqvrbjwtkulpm.php
https://sexonly.top/get/b701/b701ablzxjeakcpwbmy.php
https://sexonly.top/get/b447/b447sohocqdctexpswa.php
https://sexonly.top/get/b638/b638elqifcnwgftzcvo.php
https://sexonly.top/get/b280/b280awcrcudxybdtfmh.php
https://sexonly.top/get/b35/b35pmnrmcdqwzjfhup.php
https://sexonly.top/get/b582/b582qpfueqmaxljahfe.php
https://sexonly.top/get/b292/b292yrzldfamvrngwpu.php
https://sexonly.top/get/b993/b993buanbmndrlmvtxr.php
https://sexonly.top/get/b523/b523pfsjlfbsczzexmv.php
https://sexonly.top/get/b4/b4jqwbotktskpvsnp.php
https://sexonly.top/get/b111/b111ddpziwokeuodxvv.php
https://sexonly.top/get/b157/b157sqdsfgvbajrzbgd.php
https://sexonly.top/get/b476/b476qwgeodkrxoisuiu.php
https://sexonly.top/get/b232/b232pooypyxcaabhpuu.php
https://sexonly.top/get/b780/b780hpxryhywnwucpzq.php
https://sexonly.top/get/b266/b266urbfplnwvpzsacb.php
https://sexonly.top/get/b795/b795nmopchaglsxsptd.php
https://sexonly.top/get/b485/b485bzkrkxawbfsyclk.php
https://sexonly.top/get/b925/b925bzxensheenjoexz.php

#16 By 4240821 (103.151.103.150) at 10/30/2023 4:49:52 PM
https://www.quora.com/profile/RobertDarling143/chelsea-charms-MIssygirl910-afton-marie-DeLuxious-Kittyboomboom-Angel-Baby-PhoenixRiver-SadodereBDSM-Mis
https://www.quora.com/profile/JohnJeppi252/HarleyQute-No07names-Chubbyprincess222-victoria-villarim-Lyla_Bliss-Bebe-Minou-yomysmilkers-TsunTsenpai
https://www.quora.com/profile/KristyKnight950/Hopestar09-Heauxbagel-Bby7angel-QueenArtemisToes-Deja-May-Evelyn-Jacobs-Luscious-Lilli-Nasty-T-Baby-ang
https://www.quora.com/profile/RhondaOsorio195/missteyana-Angelina-Johns-sammysamdavis-Bianca-Malone-KandySynn-Trinibaby2811-Papillon-OnlyAnz-SexyyRed2
https://www.quora.com/profile/JomegaSouthers633/jananylon-MIss-Bel-ScarlettHarlott-Coty-Iaria-Gevans-IvyVeronaXXX-Whitish-Cherry-uksexycouple-Misss-Kink
https://www.quora.com/profile/MelissaMinter115/Firegirl1-CurvyKailey-CarryJul-alexis-luv-420Kingandqueen-Anshyah-lilbxcx-emmibbyxxx-Naughtynikki_vegas
https://www.quora.com/profile/PrestonJohnson839/CumNrise-courtneytai-Olivia666-Heavann77-danireid-Sweet_keeks_-Poly_Pocket-Tenshiko-Slimmm27-Liinahott
https://www.quora.com/profile/EricaJohnson291/Playwithlucy-Kristi-Curiali-Lita-XO-Kittykatie69-KosmikDomme-KylieCooperxs-succubussehra-Zuescleopatra1
https://www.quora.com/profile/LoriMaldonado277/BootyLulu-Vegascakz-peaches-arnaz-AnnyCandyPainboy-NatashaReanne-DeluxeDreams-stephoshiri-Kaymonii-seren
https://www.quora.com/profile/JamesWelch159/_BeeBeeKimchi_-rubylynne-unicornjesse-Josett112-emerode-edddit-bianca_resa-Ruby-playsalot-Bria-Jaye-Love

#17 By 4240821 (103.152.17.80) at 10/31/2023 9:04:09 AM
https://app.socie.com.br/teddyvalentinehtownsky
https://app.socie.com.br/read-blog/98293
https://app.socie.com.br/read-blog/97671
https://app.socie.com.br/read-blog/98329
https://app.socie.com.br/CherrieLacemimiandevan
https://app.socie.com.br/read-blog/97569
https://app.socie.com.br/blacknwhitecreampieLilmomma1297
https://app.socie.com.br/TruckerfuckerAlindaGold
https://app.socie.com.br/read-blog/97482
https://app.socie.com.br/WarriorRoseZoeyDiGiacomo

#18 By 4240821 (103.151.103.150) at 10/31/2023 3:42:31 PM
https://app.socie.com.br/read-blog/97486
https://app.socie.com.br/VelaVinetaDommedawn
https://app.socie.com.br/SubmissivehunSheGotIt909
https://app.socie.com.br/read-blog/97741
https://app.socie.com.br/read-blog/97183
https://app.socie.com.br/sophieshoxMargherita74
https://app.socie.com.br/CreamyJordanSexyAsianLucy
https://app.socie.com.br/paidmarieamirafkz
https://app.socie.com.br/read-blog/97513
https://app.socie.com.br/MishaCrossSophiaLove

#19 By 4240821 (62.76.146.75) at 11/1/2023 8:24:47 AM
http://activewin.com/mac/comments.asp?ThreadIndex=74982&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=80065&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84869&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=2998&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=77148&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=74781&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=80563&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=61538&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=63850&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=61085&Group=Last

#20 By 4240821 (2.57.151.31) at 11/2/2023 8:22:24 AM
http://activewin.com/mac/comments.asp?ThreadIndex=21404&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=54323&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=53783&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=60269&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=54316&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=9103&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=23982&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=27201&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=17906&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=6747&Group=Last

#21 By 4240821 (109.94.218.82) at 11/2/2023 1:57:58 PM
http://activewin.com/mac/comments.asp?ThreadIndex=6091&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=15979&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84865&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=25695&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84043&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=14846&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=32726&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=36763&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=82290&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=8442&Group=Last

#22 By 4240821 (212.193.138.10) at 11/3/2023 8:29:19 AM
http://activewin.com/mac/comments.asp?ThreadIndex=20527&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=52921&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=22187&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=68670&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=3766&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=76005&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=57741&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=5756&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=37548&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=10790&Group=Last

#23 By 4240821 (109.94.216.41) at 11/5/2023 9:28:04 AM
https://hotslutss.bdsmlr.com/post/659613815
https://hotslutss.bdsmlr.com/post/652331316
https://hotslutss.bdsmlr.com/post/655515114
https://hotslutss.bdsmlr.com/post/656459731
https://hotslutss.bdsmlr.com/post/651830470
https://hotslutss.bdsmlr.com/post/654456904
https://hotslutss.bdsmlr.com/post/649702954
https://hotslutss.bdsmlr.com/post/654560515
https://hotslutss.bdsmlr.com/post/652630119
https://hotslutss.bdsmlr.com/post/651530870

#24 By 4240821 (92.119.163.194) at 11/6/2023 8:24:50 AM
https://printable-calendar.mn.co/members/19894712
https://printable-calendar.mn.co/members/19911216
https://printable-calendar.mn.co/members/19911924
https://printable-calendar.mn.co/members/19897239
https://printable-calendar.mn.co/members/19895050
https://printable-calendar.mn.co/members/19893691
https://printable-calendar.mn.co/members/19919597
https://printable-calendar.mn.co/members/19903424
https://printable-calendar.mn.co/members/19893206
https://printable-calendar.mn.co/members/19894217

#25 By 4240821 (62.76.146.75) at 11/8/2023 3:50:52 AM
https://www.hackerearth.com/@diastanilir1972
https://www.hackerearth.com/@padcornmounsubs1985
https://www.hackerearth.com/@mensanfvecar1978
https://www.hackerearth.com/@baydierilte1985
https://www.hackerearth.com/@riaceshuci1971
https://www.hackerearth.com/@tiobancbestpars1977
https://www.hackerearth.com/@gioquadmenkbill1976
https://www.hackerearth.com/@carucqame1976
https://www.hackerearth.com/@remareperf1981
https://www.hackerearth.com/@scafdereki1989

Write Comment
Return to News
  Displaying 1 through 25 of 184
Last | Next
  The time now is 4:02:39 PM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *