|
|
|
I got this in the office on Friday. I don't know anything about installing it but I thought I would post it just in case you weren't aware of the problem:
Here is an excerpt from latest Mark Minasi (Windows guru) newsletter....
Get the MS03-026 Patch. NOW. Or Nimda and Slammer are Gonna Look Like a Picnic!
If you don't read anything else this month, read this. I'm not kidding!
On July 16, Microsoft announced that a group called the Last Stage of Delusion (LSD)
had found a humdinger of a bug. If someone writes a hostile program that exploits
this bug -- some worm, trojan or the like -- then that program could cause your
computer to do pretty much whatever you wanted it to. And you should expect that
hostile program any day now -- a Chinese hacker group -- oops, I meant "a non-profit
research organization" called Xfocus (www.xfocus.org) has already written and
published a "proof of concept" program that exploits MS03-026's bug. Unfortunately
Xfocus's work has greatly sped things along for dirtbags everwhere.
Worse yet, the bug applies to NT 4, Windows 2000, XP, and even Windows Server 2003.
The bug works through port 135. Ah, you might be thinking, no problem ... we have a
firewall and we've blocked port 135, so no worries. Not so -- remember Nimda? Nimda
worked by exploiting several Microsoft security bugs. Your firewall protects you
from an MS03-026 exploit so long as the hostile program is outside of your firewall.
All a bad guy has to do is to build a virus that uses MS03-026 and wrap it into a
Trojan horse program of some kind, like a "click this attachment to download great
savings!" e-mail virus. All you need is one person inside the firewall to open it,
and the cat's out of the bag.
So please, do yourself a favor and get the patches for this on all of your NT 4,
2000, XP and 2003 systems. Now.
You can find technical info and download links for patches for NT 4 through Server
2003 at
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp
Again, I cannot stress how important it is that you get this patch on your systems,
and quickly. When the exploit gets written for this, it will be a doozie. Imagine
all of those 2000 Pro and XP systems sitting in people's homes directly attached to
the Internet with no firewall software and port 135 sitting open and exposed to the
Internet. Now imagine all of them running some kind of worm that batters away at
every other computer on the Internet trying to infect those computers. Remember how
slow the Internet became due to Slammer? Well, that only affected computers running
SQL Server. Imagine how much worse it'll be if someone writes a Slammer-like worm
that "only" affects computers running the Server service -- given that virtually
every Windows system runs the Server service, even workstations. My guess is that if
someone writes an exploit quickly, before we're all patched, then the Internet will
be a shambles for a week or two. So please, do yourself and do all of us a favor --
after you've gotten your systems patched, go tell your not-so-techie neighbor with
the new Dell that came with XP Home about this. (Better yet, burn the patch on a CD
and hand it to him.) Thanks very much, and please forward this to any and all of
your techie friends.
|
|