Microsoft issues critical out of cycle server security patch update for Windows


Microsoft issues critical out of cycle server security patch update for Windows

Antony Savvas

Microsoft has released the "out of cycle" critical server security patch it promised yesterday.

Critical patch MS08-067 resolves a vulnerability in the Server service that affects all currently supported versions of Windows.

The patch for Windows XP and older versions is rated as "critical", whilst the version for Windows Vista and newer versions is rated as "important".

"Because the vulnerability is potentially wormable on those older versions of Windows, we’re encouraging customers to test and deploy the update as soon as possible," said Microsoft.

Microsoft said, "We discovered this vulnerability as part of our research into a limited series of targeted malware attacks against Windows XP systems, that we discovered about two weeks ago through our ongoing monitoring.

"As we investigated these attacks we found they were utilising a new vulnerability and initiated our Software Security Incident Response Process (SSIRP). As we analysed the vulnerability in our SSRP process, we found that this vulnerability was potentially wormable on Windows XP and older systems."

The patch has been issued after the main batch of regular monthly patches released earlier this month.

Microsoft said, "Our analysis showed that it would be possible to address this vulnerability in a way that would enable us to develop an update of appropriate quality for broad distribution quickly. We felt that it was in the best interest of customers for us to release this update before the regular November release cycle."

One blue chip, preparing to patch company machines over the weekend, reported that it had also emailed all staff asking them to ensure their home and personal computers were also as secured against vulnerabilities. The email said:

"It would also be a good move for you to check your home machines to see if you have the latest Microsoft updates: you can do this by following the link to Microsoft’s website:"

More on the security update:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy