
ITS Alerts
Exploit active and circulating for Microsoft MS06-040 Vulnerability



ALARM Group ALERT
Alert Number:  081406-01
Alert Date:  08/14/06
Alert Title:  Exploit active and circulating for Microsoft MS06-040 Vulnerability
Update-to:   080806-01 "Microsoft releases security bulletin for August"

OS/Platform/Application: 

Microsoft Windows XP (including Service Packs 1 and 2 and Professional x64 Edition)
Microsoft Windows Server 2003 (including Service Pack 1 on standard, x64, and Itanium-based Systems)
Microsoft Windows 2000 Service Pack 4

Category:  ALERT
Severity:  MEDIUM
Attention:  Windows System Administrators, Desktop Support Personnel

Summary:  Multiple Internet security-related agencies are reporting the existence and public circulation of at least one exploit for a vulnerability detailed in Microsoft Security Update MS06-040.  MS06-040 was released on August 8, 2006 as part of Microsoft's monthly security update series, and the vendor has rated it "critical".  According to the SANS (SysAdmin, Audit, Network, Security) Institute, malware believed to be associated with this exploit has been observed spreading in a "worm like fashion" amongst unpatched (and therefore vulnerable) systems.  Several Internet traffic monitoring agencies are reporting recent upticks in activity on Transmission Control Protocol (TCP) ports, which may indicate that infected systems are scanning for vulnerable computers.  Microsoft has recently released security advisory 922437 to provide additional details on this threat.

Recommended Actions:  Windows System Administrators and other Support Personnel are highly encouraged to read the information associated with this event (links provided below) and to apply security update MS06-040 as soon as possible to any unpatched systems.

ITS Actions:
ITS Systems Management and Operations Staff has applied all necessary patches to the appropriate ITS servers as part of their most recent scheduled system update.  TCP ports 135, 139, and 445 (the ones most likely to be associated with the exploit) are blocked, as part of standard security procedures, at the University's Internet border router and also on the link between the RESNet and non-RESNet networks.  If any new actions are taken or new developments arise in addressing this threat, an update will be issued.
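
The border blocks described above do not cover traffic inside a network segment, so flow or firewall logs are one place to look for the scanning behavior the Summary mentions. The following is an added example, not part of the original alert or any ITS tooling: it flags internal sources that contact many distinct hosts on TCP 135, 139, or 445. The log format, the addresses, and the threshold of 5 are assumptions made for illustration.

```python
from collections import defaultdict

# Ports the alert names as most likely to be associated with the exploit.
WATCHED_PORTS = {135, 139, 445}

# Constructed sample records (assumed format: "timestamp src dst dst_port proto").
# Addresses are private-range placeholders, not real observations.
SAMPLE_FLOWS = "\n".join(
    # One source touching six different hosts on 445: scan-like fan-out.
    [f"2006-08-14T10:00:{i:02d} 10.1.1.23 10.1.2.{i} 445 tcp" for i in range(1, 7)]
    # A normal file-share client: many connections, but to a single server.
    + [f"2006-08-14T10:01:{i:02d} 10.1.1.40 10.1.3.5 445 tcp" for i in range(1, 7)]
    # Fan-out on an unrelated port, which should be ignored.
    + [f"2006-08-14T10:02:{i:02d} 10.1.1.50 10.1.4.{i} 80 tcp" for i in range(1, 7)]
    # A malformed line, which should be skipped rather than crash the parser.
    + ["truncated record 139"]
)


def parse_flow(line):
    """Return (src, dst, port) for a well-formed TCP record, else None."""
    parts = line.split()
    if len(parts) != 5 or parts[4].lower() != "tcp":
        return None
    try:
        port = int(parts[3])
    except ValueError:
        return None
    return parts[1], parts[2], port


def find_scanners(flow_text, threshold=5):
    """Map each source IP to its count of distinct destinations on watched
    ports, keeping only sources at or above the (assumed) threshold.
    Timestamps are not used: the whole input is treated as one window."""
    targets = defaultdict(set)
    for line in flow_text.splitlines():
        rec = parse_flow(line)
        if rec is not None and rec[2] in WATCHED_PORTS:
            targets[rec[0]].add(rec[1])
    return {s: len(d) for s, d in targets.items() if len(d) >= threshold}


if __name__ == "__main__":
    for src, count in sorted(find_scanners(SAMPLE_FLOWS).items()):
        print(f"{src} contacted {count} distinct hosts on TCP 135/139/445")
```

Counting distinct destinations rather than connections keeps a busy file-share client from being flagged alongside a host that is sweeping the subnet.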

Resources:

Security Bulletin Summary MS06-040:
http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx

Microsoft Security Advisory 922437:
http://www.microsoft.com/technet/security/advisory/922437.mspx

SANS diary entry on exploit and best practices:
http://isc.sans.org/diary.php?storyid=1597

US-DHS Press Release:
http://www.dhs.gov/dhspublic/display?content=5789

 

 

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
 