DarkFiber Consulting – IT Managed Services

Microsoft Releases Security Advisory (960906)

December 9th, 2008 . by DarkFiber Consulting

Microsoft has released Security Advisory 960906 to address reports of a vulnerability in the WordPad Text Converter for Word 97 files. The advisory indicates that Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are affected by this vulnerability. Exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code or obtain local user rights. Additionally, Microsoft indicates that they are aware of limited and targeted attacks using this vulnerability.

DarkFiber Consulting encourages users to review Microsoft Security Advisory 960906 and implement any necessary Suggested Actions to help mitigate the risks.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Security Advisory 958963

October 27th, 2008 . by DarkFiber Consulting

Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.

Additional information regarding the Windows Server Service vulnerability is available in:

Microsoft Releases Out-of-Band Security Bulletin MS08-067

October 23rd, 2008 . by DarkFiber Consulting

Microsoft has released Security Bulletin MS08-067 to address a vulnerability in the Windows Server Service. This vulnerability is due to improper handling of specially crafted RPC requests. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletin MS08-067 and apply any necessary updates to help mitigate the risks.