As part of the latest Microsoft Update cycle (released this Tuesday),
Microsoft has released a patch for a critical vulnerability in the
Server service (MS06-040) that could allow a remote attacker to take
total control of an affected system. More information about this
vulnerability can be found here:
http://www.microsoft.com/technet/security/Bulletin/ms06-040.mspx.
Due to the seriousness of the vulnerability and the potential for
exploits to spread quickly though affected computers as Internet worms,
SNS is recommending that all Windows users apply this patch without
delay. Please visit http://update.microsoft.com to check your computer
for critical updates, and make sure you have the "Automatic Updates"
feature enabled wherever possible. The CalnetAD team will push this out
on the campus Windows Server Update Service immediately so if you use
this service you should get your update soon.
Using firewall software will also reduce exposure to this vulnerability.
The Server service listens on ports 139 and 445, so limit access to the
ports to systems as needed for file sharing and central administration.
Please visit http://software.berkeley.edu to download Symantec Client
Security or enable the built-in firewall in Windows XP.
Please spread the word and thanks for your attention to this matter.
-- Allison Henry System and Network Security University of California, Berkeley http://security.berkeley.edu ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Thu Aug 10 14:13:41 2006
This archive was generated by hypermail 2.1.8 : Thu Aug 10 2006 - 14:13:42 PDT