You can download the emergency update patch here,Windows Update Patch. Once downloaded, install the patch and it will automatically apply the update to your computer.
Updated Microsoft has released an emergency security update for a broad swath of its users that patches a critical security hole that is already being exploited in the wild.
The vulnerability - which has been subjected to "limited, targeted attacks" - could allow miscreants to create wormable exploits that remotely execute malicious code on vulnerable machines, Microsoft said. No interaction is required from the end user. It was the first patch released outside Microsoft's regular update cycle in 18 months.
"This is a remote code execution vulnerability," Microsoft's out-of-band advisory warned. "An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely."
The vulnerability stems from the failure of Windows server service to properly vet remote procedure call (RPC) requests for malicious content. The service handles the sharing of printers, disk and other resources over a network. It also allows applications on one networked computer to communicate with applications on another machine.
On the 2000, XP, and Server 2003 versions of Windows, anonymous users with access to the target network could exploit the weakness by sending a specially crafted network packet to the affected system. Microsoft rated the vulnerability as "critical" - its most severe designation - for those versions.
Monday, November 10, 2008
Subscribe to:
Posts (Atom)