[THIN] Critical Security Update

• To: <thin@xxxxxxxxxxxxx>
• Date: Fri, 1 Aug 2003 11:09:46 -0400

FYI:

Critical Security Update for Microsoft Windows


Dear Microsoft Technology Partner:

On July 16, 2003, Microsoft(r) released a critical security bulletin
(MS03-026) and a software patch (http://go.microsoft.com/?linkid=210348)
to address a vulnerability in the Windows(r) operating system that could
allow code execution. The incident has been widely reported in the press
and the patch has been made available to Microsoft customers and
partners.

If you were not aware of this bulletin and corresponding patch, we urge
you get the information now (http://go.microsoft.com/?linkid=210349) and
determine if you are running an affected version of the Windows
operating system. If your systems are vulnerable, please apply this
patch as soon as possible. We also encourage you to contact your
customers and advise them of the Microsoft bulletin and corresponding
patch.

Although we encourage you to pay attention to all security bulletins and
to deploy patches in a timely manner, we want to call special attention
to this particular instance. We have become aware of some activity on
the Internet that we believe increases the likelihood of exploiting this
vulnerability. Specifically, code has been published on several Web
sites that would allow someone to spread a worm or virus that takes
advantage of the vulnerability in question, thereby affecting your
computing environment. 
 
It is our goal to produce the most secure and dependable technology
possible, but we become aware of these types of vulnerabilities. To
minimize the risks of such vulnerabilities to your computing
environment, we encourage you and your customers to subscribe to two
services that Microsoft provides:

* The Windows Update service (http://go.microsoft.com/?linkid=210350)
* The Microsoft Security Notification service.
(http://go.microsoft.com/?linkid=210351) 

By subscribing to these two services you will automatically receive
information on the latest software updates and the latest security
notifications, improving the likelihood that your computing environment
will be safe from worms and viruses.
 
We apologize for any inconvenience the implementation of this patch
might cause but appreciate you taking the time to update your system.
 
Thank you,


Microsoft Corporation

 

  _____  

 
Brian Claus, A+, Network+, MCP
Network Administrator
WESCO Distribution, Inc.
225 West Station Square Drive, Suite 700
Pittsburgh, PA 15219-1122
Phone:  412-454-2412
Fax:  412-454-2540
bclaus@xxxxxxxxxxxxx <mailto:bclaus@xxxxxxxxxxxxx> 
  _____  



-----Original Message-----
From: Ryan Lambert [mailto:rlambert@xxxxxxxxxxxxxxx]
Sent: Friday, August 01, 2003 11:06 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: *** RPC ALERT *** We got hit.


John,

Basic FW filtering should mitigate this relatively effectively?

-----Original Message-----
From: John Twilley [mailto:John.Twilley@xxxxxxxxxxxxxxxxxxxxx] 
Sent: Friday, August 01, 2003 11:00 AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] *** RPC ALERT *** We got hit.
Importance: High

 
Just a heads up...
You all have heard on the RPC exploit that effects Win NT/2000/XP/2003.

We just got a taste of it in our Italy office...and it is BAD!  VERY
BAD.


Win XP / 2000 / 2003

You will notice that the DEFAULT recover setting for the RPC service is
to
(Drum-Roll)
RESTART the server after 1 minute.

Guess what, it does.   
Server restarts every couple of minutes. 

WOW.

Take it from me... PATCH EVERYTHING NOW.   Yes.  Everything.

More Details.
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti
n/MS
03-026.asp

********************************************************
This weeks sponsor - RTOSoft TScale 
Complaints about applications response time - DO SOMETHING ABOUT IT!
TScale 2.0 improves applications response time and increases terminal
server capacity. Really get MORE from your existing servers! Free eval:
http://www.rtosoft.com/enter.asp?id=130
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - RTOSoft TScale 
Complaints about applications response time - DO SOMETHING ABOUT IT!
TScale 2.0 improves applications response time and increases terminal
server capacity. Really get MORE from your existing servers! Free eval:
http://www.rtosoft.com/enter.asp?id=130
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - RTOSoft TScale 
Complaints about applications response time - DO SOMETHING ABOUT IT!
TScale 2.0 improves applications response time and increases terminal
server capacity. Really get MORE from your existing servers! Free eval:
http://www.rtosoft.com/enter.asp?id=130
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

• Follow-Ups:
  • [THIN] Re: Critical Security Update
    • From: Mark Mucher

Other related posts:

• » [THIN] Critical Security Update
• » [THIN] Re: Critical Security Update
• » [THIN] Re: Critical Security Update
• » [THIN] Re: Critical Security Update

1. Home
2. thin
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---