Out of band security update planned for today (MS08-067)


Updated 10/23/2008 @ 1:17pm EST
We have pushed the update live – here’s the direct link to the bulletin:http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx (if it doesn’t work for you – keep trying – it will be live real soon now).
Also n
ote that the Microsoft Malware Protection Center also has generic detection for the malware dropped in the targeted attacks!
You can read more about it at the MMPC blog: http://blogs.technet.com/mmpc/archive/2008/10/23/get-protected-now.aspx
Finally my team has released a blog post with an interesting .C file linked at the end – for those who like to compile stuff and play around with ACLs: http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx
——————————————— 


The MSRC, SWI and some Windows product team folks have been working really hard to get a critical security update out the door this week and they just pushed the advanced notification thing live early this morning (EST).


http://blogs.technet.com/msrc/archive/2008/10/22/advance-notification-for-out-of-band-release.aspx


http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx


It’s likely that by the time many of you read this – the update will already be available for download via WU/MU/WSUS etc. 
Be sure to go out and grab it – especially if you are running Windows XP or lower operating systems (as you can tell by the severity ratings in the advance notification thinger – it’s critical on that platform).


As always we apologize in advance if this ruins anyone’s weekend plans – I personally blame the miscreants. :)


P.S.  Keep an eye on my team’s blog later today for more technical information: http://blogs.technet.com/swi


Comments (1)

  1. Anonymous says:

    The only question remaining is what you mean by "miscreants" – the people writing the attack code, or the people writing the attacked code? :)