In a statement issued this week, the DHS has recommended that all users and system administrators apply Microsoft security patch MS06-040 as soon as possible. "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users."
While the criticality of Microsoft patches is nothing new, the move is unusual in that the government rarely issues such statements. The U.S. Computer Emergency Readiness Team (US-CERT) warned that attackers had already started using the Windows Server service flaw (MS06-040) to attack systems. The advice to patch may suggest that the government or US-CERT members have additional, as yet unpublished, information about pending or potential attacks against critical infrastructure.
Already, some security experts are anticipating that an Internet worm, an attack form that has become rare, will appear using the Windows Server service flaw. Exploit code from several penetration testing companies and open-source frameworks appeared shortly after the patch was released, and the vulnerability appears to be relatively easy to exploit. According to one researcher, exploits based on the flaw can affect Windows XP/SP2 systems patched with all but the latest fixes, even with the default Windows firewall enabled.
Microsoft recently released patches for 23 flaws, including ten critical security holes. Most users will receive these updates automatically through Microsoft's Automatic Updates functionality for Windows XP, 2000 and 2003. Users, however, should verify that the patches have been installed correctly and that their PC is up to date.
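One way to do that verification for the MS06-040 fix specifically, as an added example that is not part of the original article: the check below looks up the hotfix by its KB number (KB921883 is the update the MS06-040 bulletin ships as) and reports whether the Server service that the bulletin covers is running, so an administrator can see at a glance which hosts are still exposed. The function name and the output fields are my own; it assumes Windows PowerShell 3.0 or later on the machine being checked.

```powershell
# Added example (not from the original article): report whether the MS06-040
# hotfix is present and whether the Server service (LanmanServer) is running.
# Assumes Windows PowerShell 3.0+ run locally on the host being checked.
function Test-Ms06040Patch {
    param(
        # KB921883 is the update published with bulletin MS06-040.
        [string]$HotfixId = 'KB921883'
    )

    # Get-HotFix enumerates installed updates; match on the KB identifier.
    $fix = Get-HotFix -ErrorAction SilentlyContinue |
           Where-Object { $_.HotFixID -eq $HotfixId }

    # The Server service is the component the bulletin patches; if it is not
    # running, the unpatched code path is not reachable over the network.
    $svc = Get-Service -Name LanmanServer -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        HotfixId        = $HotfixId
        HotfixInstalled = [bool]$fix
        InstalledOn     = if ($fix) { $fix.InstalledOn } else { $null }
        ServerService   = if ($svc) { [string]$svc.Status } else { 'NotFound' }
        # Exposed = fix missing AND the vulnerable service is up.
        Exposed         = (-not $fix) -and ($svc -ne $null) -and ($svc.Status -eq 'Running')
    }
}

# Usage: run on the host and inspect the result.
Test-Ms06040Patch | Format-List
```

On a fleet, the same function can be pushed out with `Invoke-Command` against a list of hosts and the results filtered on `Exposed -eq $true`; a host that reports `HotfixInstalled` as false but has the Server service stopped is not reachable through this flaw but should still receive the update.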
Posted by: Kelly Martin