"This security update resolves a vulnerability in the Server service that affects all currently supported versions of Windows. Windows XP and older versions are rated as “Critical” while Windows Vista and newer versions are rated as “Important”. Because the vulnerability is potentially wormable on those older versions of Windows, we’re encouraging customers to test and deploy the update as soon as possible. To help you better understand the details around the vulnerability, my colleagues over at the Security Vulnerability Research & Defense blog have provided some more information here. Also, Michael Howard has provided some background on the vulnerability from the Security Development Lifecycle perspective here." [Bold added]Update Note: Edited to add additional Microsoft References from the Windows Update Team, the MSRC Ecosystem Strategy Team Blog and the Malware Protection Center Blog.
From Microsoft Security Bulletin MS08-067 - Critical
Also from the Security Bulletin:
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.
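The bulletin's reminder that standard perimeter firewall configuration limits exposure to this flaw suggests a practical check for defenders: which internal hosts are actually receiving Server-service traffic from outside the enterprise? The script below is an added example, not code from Microsoft or from this post. It parses a few constructed iptables-style firewall log lines (the log format, the address ranges treated as "internal", and every sample entry are assumptions) and reports inbound TCP connections to the ports on which the Windows Server service is reached over SMB (TCP 445 and NetBIOS session TCP 139) whose source lies outside the internal ranges.

```python
import ipaddress
import re
from collections import Counter

# Ports on which the Windows Server service is reachable: SMB directly over
# TCP 445 and the NetBIOS session service on TCP 139.
SERVER_SERVICE_PORTS = {445, 139}

# Assumed enterprise address space (RFC 1918). Adjust to the real perimeter
# definition; this is a hypothetical default, not taken from the bulletin.
DEFAULT_INTERNAL_NETS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

# Constructed sample log lines in an iptables/netfilter-style format.
# Sources 198.51.100.0/24, 203.0.113.0/24 and 192.0.2.0/24 are documentation
# ranges standing in for "the Internet"; 10.0.0.0/8 plays the internal network.
SAMPLE_LOG = """\
Oct 24 09:12:01 fw1 kernel: IN=eth0 OUT= SRC=198.51.100.23 DST=10.0.0.15 PROTO=TCP SPT=51234 DPT=445 SYN
Oct 24 09:12:02 fw1 kernel: IN=eth0 OUT= SRC=10.0.0.40 DST=10.0.0.15 PROTO=TCP SPT=49211 DPT=445 SYN
Oct 24 09:12:03 fw1 kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=10.0.0.15 PROTO=TCP SPT=40001 DPT=139 SYN
Oct 24 09:12:04 fw1 kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=10.0.0.22 PROTO=TCP SPT=40002 DPT=80 SYN
Oct 24 09:12:05 fw1 kernel: IN=eth0 OUT= SRC=192.0.2.77 DST=10.0.0.15 PROTO=UDP SPT=5000 DPT=445
"""

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+) "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)"
)


def parse_line(line):
    """Extract source, destination, protocol and destination port, or None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return {
        "src": m["src"],
        "dst": m["dst"],
        "proto": m["proto"].upper(),
        "dpt": int(m["dpt"]),
    }


def is_internal(addr, internal_nets=DEFAULT_INTERNAL_NETS):
    """True if addr falls inside one of the configured internal networks.

    An explicit network list is used rather than ipaddress.is_private, because
    is_private also covers documentation ranges and other special-purpose
    blocks that are not part of the enterprise network.
    """
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(net) for net in internal_nets)


def find_external_smb(log_text, internal_nets=DEFAULT_INTERNAL_NETS):
    """Return the records for TCP 445/139 connections from non-internal sources."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        # The Server service is only reached over TCP on these ports.
        if rec["proto"] != "TCP" or rec["dpt"] not in SERVER_SERVICE_PORTS:
            continue
        if is_internal(rec["src"], internal_nets):
            continue
        findings.append(rec)
    return findings


def summarize_targets(findings):
    """Count how many external SMB connection attempts each internal host received."""
    return Counter(f["dst"] for f in findings)


if __name__ == "__main__":
    hits = find_external_smb(SAMPLE_LOG)
    for h in hits:
        print(f"external {h['src']} -> {h['dst']}:{h['dpt']}/{h['proto']}")
    for host, n in summarize_targets(hits).items():
        print(f"{host} exposed to {n} external Server-service connection(s)")
```

Each host listed by `summarize_targets` is reachable on the Server service from outside the perimeter and so does not benefit from the "standard default firewall configuration" the bulletin relies on; those are the hosts to patch first or to shield with an inbound rule on 445/139 at the edge.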
Server Service Vulnerability - CVE-2008-4250

A remote code execution vulnerability exists in the Server service on Windows systems. The vulnerability is due to the service not properly handling specially crafted RPC requests. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-4250.

Microsoft References:
- Critical Security Update Released Today
- Get Protected, Now!
- Microsoft Security Bulletin MS08-067 - Critical
- More detail about MS08-067, the out-of-band netapi32.dll security update
- MS08-067: Example of Need for Increased Collaboration
- MS08-067 and the SDL
- MS08-067 Released