Typically, Microsoft releases patches (security fixes) on the second Tuesday of each month. This day is affectionately called “Patch Tuesday” by many. On very rare occasions when there is a particularly severe vulnerability Microsoft will release a patch as soon as possible.

Yesterday (October 23rd, 2008) Microsoft made a rare exception and released an “out of band” patch. The reason for the patch is a vulnerability that can allow a Windows computer to be exploited without requiring user interaction. This means that worms can spread very quickly.

The newest Microsoft operating systems, Vista and 2008 Server, are less prone to worm type attacks, but even XP can be fairly resilient if you have the firewall turned on and do not enable file and printer sharing.

Typically, when such a vulnerability is exploited, the result is that malicious software is downloaded and run on the affected computer. Antivirus software can often protect a user against such an attack, even when the vulnerability is exploited, but still, the best defense is to patch your operating system. Even with the firewall enabled it is very easy to trick users into running programs that exploit the vulnerability.

I highly recommend that you go to Windows update and make sure you have all of the current security updates. We have samples of exploits in the wild, so this is not a theoretical problem.

At http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx you can click on your operating system under the section titled “Affected and Non-Affected Software and be taken to the page with the appropriate patch download, or simply use Windows Update in your Windows operating system.

For the techies in the audience, stay tuned for a post by Pierre-Marc Bureau. Pierre has been analyzing samples of exploits!

Randy Abrams
Director of Technical Education