Topic: Major XP, 2003, 2000 vulnerability found, patch yer stuff!

[Stormgren]

Article is here:  http://www.securityfocus.com/brief/844

Advisory is here:  http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Figured I'd help spread the word, this looks like another nasty one.

[anomaly]

thanks.... notified my IT manager

installing patch now....

[BoneyOne]

Yah....fun stuff. I got to poke fun at my girlfriend (she's a Windows Server Admin) about it (I use Linux for pretty much everything) when she started telling me how she (and her team of 3 others) have to patch some 230 servers at her work.

 

[DAwG]

shouldn't be too hard, that can easily be accomplished remotely

[BoneyOne]

Nah, not hard at all. Just takes time out of ones weekend to remote into the servers install the patch, reboot them, make sure all the services and programs needed start like they should. So your probably talking for her at least 5-6 hours total out of her weekend she has to spend remoted in to work doing updates.

Of course Linux has it's need for updates too though. Just fun to pick on her about it all.

I'm curious just how many people and company's out there aren't going to get their systems patched and a new worm gets released taking advantage of this hole.

[Stormgren]

shouldn't be too hard, that can easily be accomplished remotely

Have you ever had to patch that many servers by hand via remote desktop?  While the actual steps aren't that hard, it's a massive pain in the ass to make sure you didn't miss something.  It's not trivial by any means.

Better to shove the patch to a WSUS server and let that do all the heavy lifting for you. 

[DAwG]

we were doing it on a much smaller scale on vmware.  Just roll it out to the various groups via the DC and tell them to update, I already forgot how to do it though, in one ear out the other 

[Harry Lee Smith]

Ever hear of WSUS?