http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx
This page now holds information about a new update, MS08-067 (KB958644), which affects the Server service. An unauthenticated remote attacker could gain control over a Windows machine, but the Server service must be reachable. Normally, firewall systems would prevent access to this service from the outside.
However, in combination with some Explorer exploits on a web page or in an email, an attacker could try to take over your servers and workstations. Nasty. So if your service is protected by a firewall that blocks access to the following ports, you should be "safe" from direct attack from the outside.
System service name: lanmanserver
| Protocol | Ports |
| --- | --- |
| NetBIOS Datagram Service | UDP 138 |
| NetBIOS Name Resolution | UDP 137 |
| NetBIOS Session Service | TCP 139 |
| SMB | TCP 445 |
source: http://support.microsoft.com/kb/832017
So, bottom line: use a firewall and make sure your workstations are updated and patches are applied.
I must say a separate post from Microsoft would have been better; now it causes some confusion with the other updates.