This story was printed from silicon.com, located at http://www.silicon.com/
Story URL: http://software.silicon.com/security/0,39024655,39325054,00.htm
Microsoft 'critically' patches 'worm hole'
…couldn't wait until patch Tuesday
By Robert Vamosi
Published: Friday 24 October 2008
On Thursday, Microsoft issued a rare out-of-cycle patch for a vulnerability in the Windows Server service, which handles remote procedure calls (RPC), a mechanism that allows programmers to run code either locally or remotely.
In issuing MS08-067, Microsoft warns "it is possible that this vulnerability could be used in the crafting of a wormable exploit". The bulletin is entitled 'Vulnerability in Server Service Could Allow Remote Code Execution (958644)', and the specific vulnerability has been assigned a National Vulnerability Database designation of CVE-2008-4250.
Microsoft rates this patch as critical for Microsoft Windows 2000, Windows XP and Windows Server 2003, and as important for Windows Vista and Windows Server 2008. It also affects versions of Windows 7 pre-beta in limited release. The patch replaces MS06-040.
Microsoft normally issues patches on the second Tuesday of each month, which has become known as Patch Tuesday. But out-of-cycle patches are not without precedent. Recent examples include the Windows Animated Cursor Remote Code Execution Vulnerability (April 2007), a vulnerability in Vector Markup Language (September 2006), and a vulnerability in the Graphics Rendering Engine (January 2006).
Microsoft said there have been only limited and targeted attacks to date.
The company did say that a firewall should protect network resources from attacks originating outside the enterprise perimeter.
The patch is available via Microsoft Update or the individual bulletin for MS08-067.
Copyright © 2008 CBS Interactive Limited. All rights reserved.