netdef (netdef) wrote,

Windows flaw already under attack

"The bot, and a second variant detected Sunday, appear to use the Windows Server service flaw (MS06-040) to spread to computers that have not yet been patched for the issue. Microsoft fixed the flaw last week."

Again to all: if you have not yet verified that your Windows system is fully patched as of last week Tuesday - including the ultra-critical MS06-040 security fix - stop what you are doing and get it done now. If your automatic updates are working, then you should be okay.

The good news (so far) is that the attacks seem to be very limited in scope - not like the widespread worms that exploited past flaws.

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment