Normally, I do not post anything about Windows updates for tips, but today is an exception. Last night Microsoft released a patch for all versions of Windows. While the details of what this patch addresses are not released, the description states:
The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.
This must be a pretty big deal because typically Microsoft waits until the 2nd Tuesday of every month to release operating system patches, so the fact they pushed this out early indicates it must be important.
It is recommended you install this patch and reboot your computer as soon as you can to ensure your system remains protected.
Jason Faulkner is the man who brings you our daily tips. He is based in Atlanta, Georgia.
Hey.
I noticed this too; around 8:30PM yesterday 23rd October. PCMag reported it, and I verified its authenticity through Windows Update, installed it on both my machines, then reported it on my blog in a special article at http://kkomp.com/archives/2313.
It had a critical severity rating, and for Microsoft to go into panic mode and issue an out-of-band emergency fix like that must have meant that it was a rather huge threat; bearing in mind their usual complacency over some impending threats.
Even if you’re a Windows user who hates Microsoft Update and would rather stick pins in your eyes than use it – And there are a few of those around for some reason – I do suggest that just this once you break a habit of a lifetime; for your own and possibly other people’s sakes.