Microsoft released MS 08-067 as an emergency patch today. The Internet Storm Center has more information.
The big question I always ask with any MS patch is: is it 'wormable'? Could a self-propagating worm be written to exploit this vulnerability, and automatically infect remote systems? We haven't had a widespread one in a few years (going back to the Blaster and Sasser outbreaks).
Based on the patch MS08-067 replaces, MS06-040, my thinking is 'probably wormable'. A variant of the Mocbot bot/worm exploited MS06-040.
My advice: patch now.
No comments:
Post a Comment