FNAL Critical Vulnerability Platform: Windows 2000, XP, 2003 Product: MS06-040 - Vulnerability in Server Service Could Allow Remote Code Execution (921883) Exploitation: Buffer Overrun in Server Service Vulnerability Patch URL: http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx Patch By: 08/14/2006 A vulnerability was reported to Microsoft by the US Government in a Windows service that allows an attacker to gain control of a vulnerable machine. Microsoft has issued a patch to correct this flaw, and has been in communication with Fermilab administrators. There is at least one proof of concept exploit created, and the US Government is encouraging all sites to patch to correct this flaw. FNAL CST will begin scanning for this vulnerability on 8/14/2006, so your systems must be patched by then. |
|
For assistance contact helpdesk@fnal.gov.
Information compiled and maintained by Computer Security Team ; last modified by JK on Aug 8, 2006. (Address comments about page to the Computer Security Team.) |