OS/Platform/Application:

Microsoft Vista
Microsoft Windows XP
Microsoft Windows 2000

Microsoft Server 2008
Microsoft Server 2003

Category: ALERT
Severity: HIGH
Attention: Microsoft Windows users, System Administrators, Desktop Support Personnel.

Summary: On October 23 2008 Microsoft released security bulletin MS08-067.  This bulletin was released ahead of the typical monthly schedule to address a critical vulnerability in handling Remote Procedure Call (RPC) requests.  Successful exploitation of this vulnerability could result in complete takeover of a vulnerable computer.  According to Microsoft this vulnerability is already being actively exploited on the Internet.

Recommended Actions:  Windows users and support personnel are encouraged to read the bulletin and apply the necessary patches as soon as possible.

Readers are encouraged to share this alert with family, friends, and associates.

ITS Actions: ITS Systems Management and Operations Staff will apply all necessary patches to the appropriate ITS servers as part of the next scheduled system update.

Resources:

Microsoft Windows Update:
http://windowsupdate.microsoft.com

Microsoft Security Bulletin MS08-067:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

SANS Advisory:
http://isc.sans.org/diary.html?storyid=5227

FrSirt Advisory:
http://www.frsirt.com/english/advisories/2008/2902

Secunia Advisory:
http://secunia.com/advisories/32326/