[windows2000] ALERT: Microsoft Security Advisory (922437) Exploit Code Published Affecting the Server Service

  • From: "Jim Kenzig http://ThinHelp.com" <jkenzig@xxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx, windows2000@xxxxxxxxxxxxx
  • Date: Tue, 15 Aug 2006 15:36:47 -0700 (PDT)

  Microsoft is aware of public reports regarding an attack known as 
Win32/Graweg exploiting the vulnerability addressed by security update 
MS06-040. Microsoft?s initial investigation of Win32/Graweg verified that it 
only affects users running Windows 2000 that have not applied the update 
detailed in MS06-040. Microsoft has activated its emergency response process 
and is continuing to investigate this issue. 

The Microsoft Security Response Alliance partners as well as our own internal 
teams have determined that there is not widespread customer impact and have 
rated Win32/Graweg as a Low threat. At this time it does not appear to be a 
self-replicating internet-wide worm.

Microsoft continues to recommend that customers apply the August updates as 
soon as possible with additional urgency and consideration given to the update 
detailed in MS06-040. Customers can ensure that the updates are being installed 
by enabling the Automatic Updates feature in Windows or by using their 
deployment infrastructure in their enterprise or small business.

Customers who believe that they are infected or are not sure whether they are 
infected by Win32/Graweg should visit Safety.live.com and choose "Protection 
Scan." Additionally, Windows Live OneCare from Microsoft provides detection 
against Win32/Graweg and its known variants.

Customers who believe they have been attacked should contact their local FBI 
office or report their situation to www.ic3.gov. Customers outside the U.S. 
should contact the national law enforcement agency in their country

Customers who believe they are affected can contact Product Support Services. 
Contact Product Support Services in North America for help with security update 
issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and 
international customers by using any method found at this location: 

  Mitigating Factors:
          ?    Customers who have installed the MS06-040 security update are 
not affected by this vulnerability.
    ?    While installation of the update is the recommended action, customers 
who have applied the mitigations as identified in MS06-040 will have minimized 
their exposure and potential exploitability against an attack.

Jim Kenzig 
    Microsoft MVP - Terminal Services
  Provision Networks VIP
CEO The Kenzig Group
Blog: http://www.techblink.com

    Terminal Services Downloads: http://www.thinhelp.com

  Get Paid For Reading Ads! Get $10 if you signup!


Other related posts:

  • » [windows2000] ALERT: Microsoft Security Advisory (922437) Exploit Code Published Affecting the Server Service