Subscribe to Windows IT Pro
August 10, 2006 12:00 AM

Government Warns of Microsoft Security Patch Vulnerability

Paul Thurrott
Windows IT Pro
InstantDoc ID #93124
Rating: (20)

The US Department of Homeland Security (DHS) said yesterday that a security vulnerability revealed by a recently released Microsoft security patch could endanger the country's critical infrastructure. In a rare move, the DHS recommended that users install the Microsoft patch as quickly as possible.

Described in Microsoft Security Bulletin MS06-040, the vulnerability affects the Server service in Windows Server 2003, Windows 2003 Service Pack 1 (SP1), Windows 2003 x64 Editions, and Windows 2003 for Itanium-based systems; Windows XP SP1 and SP2 and XP Professional x64 Edition; and Windows 2000 SP4. According to the bulletin, the vulnerability could let an attacker "take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

According to the DHS, the vulnerability described in the bulletin "could impact government systems, private industry and critical infrastructure, as well as individual and home users." A sample exploit for the vulnerability has already been published on the Web, and security researchers warn that a worm based on this code could spread quickly. Obviously, it's notable that the DHS has also issued a public warning.

Bulletin MS06-040 was just one of nine security bulletins Microsoft issued Tuesday as part of its regularly scheduled monthly patch release. The bulletins addressed 12 security vulnerabilities, 9 of which were rated critical. It's been a banner year for Microsoft security patches: The software maker has already issued 51 security bulletins fixing 98 vulnerabilities, 64 of which were deemed critical. That's almost as many vulnerabilities as the company fixed in 2004 and 2005 combined. And security experts say no end is in sight: They expect another large set of Microsoft security patches next month.

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
  • Will
    6 years ago
    Aug 14, 2006

    Yar... there be holes, big ones at times. I'll admit that. But I'd rather have a car that has to deal with potholes than a horse if you catch my drift.

    On a sidenote, to all of the windows 'admins' posting here about there "omg, listen to what my users did now!" tirades,

    You are an insult to the core of Windows networking. The whole point of AD and windows networking is the vast majority of the things mentioned can be stopped by you, without enduser impact, and with per-user/per-system granularity. (So don't give me any of that "my boss needs to be able to do this so i couldn't do this restriction" bs.) Lock down your crap right, or there really is no reason not to switch to Mac nw. Windows isn't better just because you can plug a bunch of PC's onto a switch running W2k3 server and it 'just works' its better b/c of the tools.

  • Nathan
    6 years ago
    Aug 11, 2006

    "Finally? The firms I've worked at since 1999 onward have denied administrative privileges to all users. "

    I work at a large corporation, and the computers in the building where I work all run in admin access. It gets messy when a person decides to upload a personally licensed app to a public drive, where hundreds of people can install it on their computers. (This actually happened). People have also downloaded beta software and crashed their computers. Not to mention those dumb computer users who browse the Internet in IE6 (Our company has a strict no-download policy(this includes Firefox, Opera, or IE7)), and decide to download malware, thinking it will "help" their computer. Vista will change this. Once we migrate to Vista, users will not be able to download malware, install licensed programs, or mess up their computers, thus saving our underfunded IT department money.

  • Nathan
    6 years ago
    Aug 11, 2006

    "Finally? The firms I've worked at since 1999 onward have denied administrative privileges to all users. "

    I work at a large corporation, and the computers in the building where I work all run in admin access. It gets messy when a person decides to upload a personally licensed app to a public drive, where hundreds of people can install it on their computers. (This actually happened). People have also downloaded beta software and crashed their computers. Not to mention those dumb computer users who browse the Internet in IE6 (Our company has a strict no-download policy(this includes Firefox, Opera, or IE7)), and decide to download malware, thinking it will "help" their computer. Vista will change this. Once we migrate to Vista, users will not be able to download malware, install licensed programs, or mess up their computers, thus saving our underfunded IT department money.

  • Nathan
    6 years ago
    Aug 11, 2006

    "Finally? The firms I've worked at since 1999 onward have denied administrative privileges to all users. "

    I work at a large corporation, and the computers in the building where I work all run in admin access. It gets messy when a person decides to upload a personally licensed app to a public drive, where hundreds of people can install it on their computers. (This actually happened). People have also downloaded beta software and crashed their computers. Not to mention those dumb computer users who browse the Internet in IE6 (Our company has a strict no-download policy(this includes Firefox, Opera, or IE7)), and decide to download malware, thinking it will "help" their computer. Vista will change this. Once we migrate to Vista, users will not be able to download malware, install licensed programs, or mess up their computers, thus saving our underfunded IT department money.

  • Lotsa
    6 years ago
    Aug 11, 2006

    "My point - if enough users switch to Macs, I'm sure we'll see the same kind of vulnerabilities exposed that we see in Windows."

    Agreed. That's why I've said (repeatedly) that I would like to see OS X maintain enough market share to keep developers interested, but not enough to make it a huge target. About 5-10% should do it, IMHO. I also think that healthy competition between Cupertino and Redmond is good for everyone.

    I've been using a Mac long enough to remember times when running Virus Scans was a necessity, and I experienced a few a decade or so ago (mostly Word macro viruses, actually). Fortunately, none did any serious damage, but the vulnerability was there. I'm not blind to the possibility, but I see my friends and professional peers struggling with malware on their PCs, and it's hard not to get smug. I know--bad attitude, but there you have it.

    I'm looking forward to purchasing an IntelMac, and running Windows under virtualization. Seems like a good solution, and the best of both worlds. I couldn't care less which platform someone uses, as long as they're happy with their decision. I know I'm thrilled with mine, and somewhat baffled that the average web-surfing, picture-taking, solitaire-playing "home" user (not the poor corporate sap that has an IT staff to deal with his/her problems) is willing to put up with Windows.

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.