Pureoverclock: PC Hardware reviews and news for overclockers!

 
 
 
 
 

Microsoft issue unexpected critical Windows patch

0
Posted October 26, 2008 by admin in News

The bulletin, released yesterday, outlines a flaw in the Server service which allows for remote code execution upon receipt of a specially crafted RPC request ? which is to say that this vulnerability does not require user interaction to exploit, making it a particularly nasty little bug. While the flaw requires that your firewall rules allow RPC requests in, it’s certainly easier to exploit than most modern Windows vulnerabilities ? and trivial from within a local network.

Interestingly, the flaw ? which dates right back to Windows’ roots in the New Technology (NT) era ? also affects the latest pre-beta release of Windows 7, the next-generation Microsoft OS. Although the flaw still exists in Windows 7, it’s not quite as bad as prior versions ? an attacker must already be authenticated against the target system, which is not required for previous versions of Windows. As a result, Microsoft rates the bug as ‘Important’ rather than ‘Critical’ for this OS.



0 Comments



Be the first to comment!


Leave a Response

(required)


Find us on Google+