Google has 88 articles so far on the Homeland Security bulletin today that urges Windows users to patch their operating system. Homeland Security?
Apparently there is a flaw in the File and Printer Sharing code of Windows that allows a hacker to break into and access your computer as the admin. Their fix?
For those users who have not yet patched their machines, the government recommends that they block access to Server Message Block (SMB) services from untrusted networks and disable anonymous SMB access. The new patch fixes the problem by having the Server service validate RPC messages before passing them to the appropriate buffer.
The SMB to the whoisitwhat? Are they kidding?
I think this month's Windows update had 9 critical security patches and Windows XP has been out for 4 years! Wouldnt it be easier to buy yourself a Mac?
Homeland Security wants you to clean your Windows
8/10/2006 11:43:13 AM
The Department of Homeland Security (DHS) yesterday issued an unusual press release urging Windows users to apply a specific security patch from Microsoft. That patch, MS06-040, was just released as part of Microsoft's monthly cycle of security updates, so most home users should already be secure. IT departments and home users who have disabled automatic updates should install the patch as soon as possible. As the DHS ominously notes, "attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch."
While the DHS rarely issues patch advisories, the department seems keen to prevent massive damage from another worm like MSBlast, which made the rounds several years ago and brought down computers around the world. The concern appears to be justified; both CERT and Microsoft claim that they have already seen code which exploits this particular vulnerability.
