Microsoft patches potential 'worm hole'

A rare, out-of-cycle, critical patch is available to address a serious flaw that Microsoft thinks could lead to a network worm.

On Thursday, Microsoft issued a rare out-of-cycle patch for a vulnerability in the Windows Server service that handles remote procedure calls (RPC) that allows programmers to run code either locally or remotely. In issuing MS08-067, Microsoft warns "it is possible that this vulnerability could be used in the crafting of a wormable exploit." Entitled "Vulnerability in Server Service Could Allow Remote Code Execution (958644)" the specific vulnerability has been assigned a National Vulnerability Database designation of CVE-2008-4250.

Microsoft rates this patch as critical for Microsoft Windows 2000, Windows XP, Windows Server 2003, and important for Windows Vista and Windows Server 2008. It also affects versions of Windows 7 pre-beta in limited release. The patch replaces MS06-040.

Microsoft normally issues patches on the second Tuesday of each month, which has been deemed Patch Tuesday. But out-of-cycle patches are not without precedent. Recent examples include the Windows Animated Cursor Remote Code Execution Vulnerability (April 2007), a vulnerability in Vector Markup Language (September 2006), and a vulnerability in the Graphics Rendering Engine (January 2006).

Microsoft said there have been only limited and targeted attacks to date.

The company did say that a firewall should block network resources from attacks from outside the enterprise perimeter.

The patch is available via Microsoft Update or the individual bulletin for MS08-067.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Microsoft enters the laptop game with the hybrid Surface Book

This powerful 13.5-inch laptop include Nvidia graphics and a new hybrid hinge.

by Dan Ackman