Today Microsoft released security bulletin MS08-067 as an unscheduled patch release. This bulletin affects all current supported versions of Microsoft Windows (Windows 2000, XP, 2003, Vista, & 2008) and identifies a vulnerability where an attacker could execute code of their choice on a vulnerable machine without authentication. Direct external attacks are unlikely due to the public facing firewall you have in place, however if a machine were to become infected from a user download or malicious website, the infected PC on the LAN would be able to infect other vulnerable Windows machines on the LAN as well. Therefore we are working with our NOC team to deploy this patch on all monitored servers and workstations this evening starting at 7pm.
This is very short notice from Microsoft and uncharacteristic for them to release a patch off schedule. As a result, we are heeding their warnings and have a sense of urgency to get the patch applied to all monitored servers and workstations this evening. If you have our patch deployment service for pcs, please ask your users to keep their pc turned on this evening so the patch can be applied. It will also require a reboot, so your users may find their pc at the logon screen tomorrow. Thanks for your time and please contact our Help Desk if you have any problems.
An informational blog for the clients and associates of Anchor Network Solutions, Inc.
