Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Homeland Security: Apply MS06-040 Patch



 By: Ryan Naraine
2006-08-09
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
In an unusual move, the Department of Homeland Security releases a firm notice to Windows users: Pay special attention to a gaping worm hole in Windows. Proof-of-concept exploits have already been created.

Less than 24 hours after Microsoft shipped a dozen bulletins with security fixes for 23 serious software vulnerabilities, the U.S. governments Department of Homeland Security issued a firm notice to Windows users: immediately apply the patches in the MS06-040 bulletin.

In a somewhat unusual move, the DHS warned that the patches cover a remote code execution vulnerability that could be used in a network worm attack similar to Blaster, Slammer of Sasser.

"Windows users are encouraged to avoid delay in applying this security patch. Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch," the agency said in an public advisory.

The department warned that a successful attack could be launched remotely to take control of an affected system and install programs, view, change or delete data, and create new accounts with full user rights.

Resource Library:

Read more here about Microsofts efforts to patch a vulnerability.

"This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users," the DHS added.

The DHS recommended that home users opt for Microsofts Windows Update to automatically download and apply all the appropriate security fixes.

The MS06-040 bulletin addresses a buffer overflow in Server Service, which is used to provide RPC (remote procedure call) support, file print support and named pipe sharing over a network.

Because the flaw presents a remote, unauthenticated attack vector, an anonymous attacker could send specially rigged network packets over the Internet to launch malicious code on vulnerable systems.

To read more about the Sasser worm, click here.

A worm attack exploiting this bug would affect unpatched versions of Windows 2000, Windows XP (SP1 and SP2) and Windows Server 2003 (SP1 inclusive).

The use of the built-in Internet Connection Firewall in Windows XP and Windows Server 2003 would help block network-based attempts to exploit the vulnerability.

Microsoft also recommends that TCP ports 139 and 445 be blocked at the firewall.

The US-CERT (U.S. Computer Emergency Readiness Team) has already warned that the flaw has been used in active attacks, even before Microsoft released the patch.

Immunity, a Miami-based security company that sells penetrating testing tools, on Aug. 9 released proof-of-concept exploits for MS06-040 to customers in its Partner Program.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Homeland Security: Apply MS06-040 Patch
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}ks8q8c=mGm9юey-%L*EB%)ۚ'ΗSOx-ɞbK@7Fw?Hpur&skj΢>w߽ [f8mTEK\ߤ~Am;t =4mMFNHB~}@~sfwD%x_'Щ=ѩ&€wɔZiКلؗ>}~qb .hvLIlG tuGpaFA|QcѺQQy$pm<&Q}c QL NZ]"Z3ˆ辥$)5= \o4QL1H6}~8MZ QM%$7 V.mq_0/n<m ^_wD_j0QEVKY/ ZH,ֳP? uN5}(ĭ~㖯[ˇ%MюR?6,fϷ 3+i3*,'L~6/NM'ם97fٚY jiUd\]3,U5Mw'kr9m>sو&lXaV|YkUV1?!&w@"rVJzPR ?#3p;|jio]}<蜒$7SY>|t/!_w nr@ i/]",Y`MIhL2Tc]NjGoNX ZRĿ"G/^Hwnooǫ$шf%",$긦ժ+YEPU^p-Aqj2B c=M:vXy8`;}FwgԴHwH<: M/G˥ ucj>3 äp;pw>-Fv1s{Q {>0iCkFQD4i-D@wM0Ie+!3 uG νdrgo͠A(oMnHX^0 jipHpyY?9»{` 閭,L<ħܠ>xx?ɜk) Lt}JIIL}ABt"AђF )4 g X"K"'' `[X;.V+\y"*m':.܉;T+Jd&3,BV-KїPf%i2khƺń(VFN1|(0Vf)IVB17O)wf@amx*:#wT4tz~#JCݼ~hé;h{q#%MAw=U檳@ulX+nMo?JՍ݋pz1T+úZjt odm_eƠumLGe+-m" IHf(XKkezlxED6*Cin Qy]{8dO17l`(`R5))KaW4E%sXf&`ܲ &P wS~8;[0P!k^GVu<]|꒾!\?C)0x>JeHכAB3 CO5,v&ff:X[' +ȁUzqڋgpp0쟷Wׅ=% ._86i+@oLsCm0 ǖ "^l"{_=)VW}B~* iO5 &^PGe d^ `M`Rc׶| :lF֝BQZ>-B3O.4MD8F_/OAM&4%q8TU&5{Oᗬ{)0v\ wq 5\`EY;[}n)rdd8+ё,Xr]TՑnR wUtT#CWta)X]QiSZ=-RxwI-~O9b:Xpkd豸< QB|l8pL )h UK*~e;g ^,_]hD1(dyDF4D/=qbk NM|8ZJ qvsTy9kY%f+eEyYizzujƵYT{E3is{9~ޖOmwn9;hi-uQjy.Am /5r/3M;fr/cSX_dUM0}3YhSYlpg#]ӞuM}|O>=aO#UIV:ݸ{?,WE8&}kPow(* xg4sgDcK6VNM&vxVm"y';"#N_)%$*L3)㦧RQu VI^Aұg.@C׳@.l̼ITCGTUeH5yJ3k% =EZЋqcSLJԺĮOm$oyJu8e3 +S`e3*~g~hKJ]ad|?T\S=@Q>M|ݤ1p NM< H/ʧRTuQRݴJZV7Ϣ C.{g%/&he~6%Kf?lͥZ5?g DsBx`fKܥ@vGܖ[J,]A Ba u( =6Q讻h]n ^f&s,.Ҟi:-efF*ݔ[YꇪsVR$gI= g?amE:JbI*N=ym5ucf`<#ɟ?9qwP7| o>eM+v@lkZpW|Lk&kSHZ9 OYdY.eժR+8N3Ay vBs=Q<CMM8qc oR9 "_K84L xϰL'JUVqc?3 cS7ݫ=N п"}QLaUv٩bcy&m!@ޏcﻛ)ilw9[#<d¼zDGzΠӻ<|L>;? 4{=kq O,}U\qD*5}<:6?pȁ>KM$(XM,I^2uvֹ|/]wѳ `yB蕓` 8ΥiwOe[J:7]w9&Q!.:/XF}9hOM10vhRbA 1fF<$FMT!PR*.5g^ |}XxrsdQ5hlS돽5/q Bf-.3b!bNg<APc{ r H)'4gEs|b;3^Zhh !:Ua2"(BShDOg4}ڻnq#Klo}AǯJN~v Z-g[M7S+t,c?]ѯ8ʆ=?E]N:|"Br^'18/:}hp)I"21xc.A-6ԾN9"S4sJd":A%;)~ڲOb}~"U=qF.Z;͆ܓ9{_Joc Ǿv/ۻw}Zږ[q*ApCG㽔G K}T& k'7nZ}>oڋ[) *Ee6{vz9T+mˡsahĿ҃PBNwF1dBVLŶ}-|C,c% F8|񠏯v/~x6{uI9ܖcʯ17V8)z%D>Ʈ/ݸLj!4( ȍu"K҆1NckvAKݙIUeʋỌyҩ;Mi0e'Dݱt X0o:M00VIu^L  N"艾v$Nп%s|O۲fY3gCL`:3%V@`}Zj[a--+ZޖKj/%"ac(Aow3}Gj\zDNPU+j^r"<}]DZDdn|6Y,kg+{Do~o~o~o~˪J~D7{8wlX!u!)9Op~3]HݹcoN$FUmeipMR#r/X/s#\C; CD;l~}֖ /Mxr$k-ܺBҍH݅1.UA ]|範{*q[ESzq=ru*]-TR0HAksЅD+"zq&kю05uS}#.n46RiR ?Y& Z6 ZNhuu:"t,^*tXՕ <"QHCJV%,a7D^19_͗%W@]0+x@nǀ ^dYG@mqmn[Op^„b*V5 =ߓWC67>7_/hF>X*u |s0 ~uib׿Ni58ͭ?oM' +Mb@:p*vzt?d~SY2sDxmMMpX|@vu~hڧ&U-I O=haʯd=IE [{8R[x~1JtC1H0I+3Vlۏ#bԸK608{~9ʁV?P,KY+ Zy|Ǘ [Dx Q)w.oN Evxr5,|XUrc[Q|^!TSU~;T-V8ɠ)"(lGhFݒ26,A\ۦ&C75NsJ(aVRcWF%3z J 0;CX^qiS3&I_~4Gcu\_SS[WZo[#rd! `,%7vEa\`8(ĒI  /)/+iyp\+Gy6qΌ"F$dr+".sI.Djʡ^r~^ :VXuV%d˘xVH=Қ0&^OE*ނ0H>PSQ_Z UH+4h 9ަHq5qq?bfģ g50yfBt>^vn&,kxzJ2Ko^7G'ܬTM- GܮNݐS{찌?1{xK"[+x6_f~jR!gI] 0>o5CC^UX+)Z{s5˪pl[ZnJBOK.kXl7 #W*ZTf0o뾽 -Gp}X23 (r&F:<}Q-DJ)!fRvOZ @xl9 c;ZV]R@/Ԯl/[H ";g}XCF㰋ݥ&Dm+im G[,Cl6w 0ډJ J9/2RN }Fsg.ۛ1~"jsas)ʒ=b[+ 6Ƕl[vi|Duv,)Y;~  ˀDa8TJ [ JJ0&MZh]|ֲ͈s%-.?M_cB~kr'SO L-! J!,7\#P |ˆ+S7ݫR>hueqj+Y!kj]j<ҡK+qܖe{6 |B'`DW8E :ћrPZ- FÓ/|T0/b#-񸔦#^>I11K= o~{@ܶq 81q,Ye%+փފ> sF@YfGP56ײD:io_Z rپ_u=< wB&8 x wtq0 Oӎ^cL 'lI=R I5P"aK.ka.`!G\oX|J71[>B$!il?/ח}P)aE$u2#:́ Z Dh4iED#RhbGFcOs? uϤg)45aBXRAA}wFpbZ1Ř!&"cs6#|- I$xRǠqh\11Faŷ~$l;b21cbHg $0XJЗ9vqU@y+LL͂zĂ![C P?5DF·:-vl@f4`ynF" U-g8;Sܕk06ͬs,zy6t(QS1U&FDzsR[7eiD^~|LR ] 4Bq0h1gA:߰|cc?뽩e2'{xCbRWkJ%zu3ʰLXU+SʗxfKͪg2QqFƥJV!J`xFA dhz?;HIP`;C gr޻&-r~nǓuj]E;a[k |폺SwNzgO{W;<<'F;e6/ME`9<eiV9š6u&\ «1.y.r9,tG_04e$Xx#UzWzuL&ٚBur:ϏПxu3K_-fyPYrr:X)` чFIg r!>/ڧһlIJ/./r_r_sʯzsi 8Sރ^N9r`sଝS~ 姛ρ>9yBCgsyC:9CL2/B~Ng(_ٮ. yv>tn]nv?92z'(S? SޅnN9e^\%e@rOK/G\\5u~}o@?6_S^9)O@O9rߛorڿ\'I9ru S)Jy/*苼k Oy射<)?}VU<_`kW9t Ϳ_s ̭L_;WBX\jvr+^geo4vkYAm {}yK/#ymo27AQFgG6+.ȭ-'Hl]=g%%x=0?Mu{1پWߕ\~Une+tq22#s"qG\%ӚXn3'r<]AD1KAA0_w9ݧ,e5;H_ẽxĿ+NÙ'ݞރ}nC7fn@x`?73.#';ʈPsvdmo߆zI':+?PxZLܸʲpoQ^" #"5 b0-0ŸeZ 7㌰6և3{ CחU}=tF}EP,lKeBghXc$+"79<R9Gq`F} knLIL=#QjȺT_i{@$ߛ[k94l cHGRiejRߓJ&"C6ɪ"+uW9 8]V*r `" *s>P`26UF`Ԋz!O J1=4`tK_c4wp%EЧ av̆H^˘Y͛YJMu?2{_ۉ #HbfA0Jb/c{z58$ y0`Nffж!v[F8lS.гy)&~uG ? 3IBy hbأwhQĉPr O?gb zꙫ] lM/޳Gx#L,,7Twjc~` @:X~ sn@aƘSkDMIn_!x@KW`{Kl>`U X)43Ǭ}@GF~Gq!je> T% ]go么 p*)Mx%cAZ/`=ݤ1l*/⒥uff^32b /§On3HG hkЁx/L55~n%<ݜӿ:aѡ(Yœ{XmD82s 2&6u;ݹؓs~|8=;zlF"2 ]ݸ3CK~#ixR Hn2*)<;:dIf̈́1 x d⟒GN*Sa eF`O]׈nBaIg  =w9/0DyOV,|vr/G&l1`=E(g|\,<##1ˌY Mc{Vk*u>w ia:4NbAwN[Q=$NSPsXf@mM]-On]{.ۃwKU,"~7pgv TF\gȌQ)xt$E,Ma{-ă nʽv5==ASh<ϛ5eXa%9wv=L뱻$(\d~d;]n /i;<~"E a'_B K?'u/YޱߞQ TDO2|~+gwǁ;K{Ko;[@(&]a1W%,}#HRݤ_*K;"%=oPmJO0K`w͓(l/Asl2qZ[ ["5ۂˍm`4kUpwSv K?93_|B pQ*Ү^x[9`^ۺkAѾYmw0o>`/#=^&c`H؂{XiW1JpC)tO˰CNt3#+׀5V`=2I_;qS`hp#+2uh\/ Iy>p9<Щ0T\nX%e܌MF®u4mlvѩ/ߵS7qݼD]E>*Ѝ ϱ1igNbcb@x=f_qxFN|0X:| g)C2^#s!?"LnHm^^kteE)n aaIXg~C%6 jaf#3 {߂ ixv4J`hhί>!>T!6xvњE:?#[7nyI׽gRTFYZP$DY; AHecZggx_޿`(XEhMc01B4