Microsoft rushed out a critical security update today that should be installed without delay on every Windows computer. It will have been installed overnight on Wednesday on many computers.
Please make sure this update is installed on your computer!
If you use Windows Live OneCare and it is green on Thursday, the patch was installed.
Otherwise, please check your computer! Go to Windows Update and check for updates. If any critical updates are listed, install them.
This is discussed in Microsoft Security Bulletin MS08-067 (“Vulnerability in Server Service Could Allow Remote Code Execution (958644)”).
Apparently a vulnerability was privately reported to Microsoft, which realized it was “wormable” – capable of propagating across multiple computers very quickly. There was already evidence that it was being exploited in the real world, raising the spectre of a global attack like the SQL Slammer Worm that had a devastating impact in 2003.
The security problem, and the patch, apply to virtually every version of Windows. I’ll be patching servers tonight. It may not be a direct threat to many of you but it’s difficult to evaluate that, since details of the exploit are not being published for obvious reasons. As near as I can tell, it does not get through firewalls but once it’s inside a network it can spread to any unpatched system with printer sharing turned on, which is virtually every computer.
Windows Live OneCare was updated to stop the exploit this morning, and I assume the other security vendors have issued updates as well. But don’t count on security software – get the patch installed!