Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MSRC Blog Entry about POC of MS06-035

Published: 2006-07-28
Last Updated: 2006-07-28 23:05:44 UTC
by Scott Fendley (Version: 1)
0 comment(s)
Good Friday evening all (for those in the western hemisphere).

Microsoft posted a blog entry this afernoon containing information about their assessment of  recent reports of a vulnerability which was not addressed in MS06-035.  It appears that the current proof of concept is limited to a denial of service attack and is not currently being observed as an attack vector.  Microsoft reports that they have not identified any possibilities that the issue could allow remote code execution.

We recommend that you assess your particular situation.   Blocking ports 135-139, 445 is already a best practice.  Whitelist IPs that may need these ports, but remember to limit your exposure from your road warrior/home office users.   We expect that Microsoft will release a patch on August 8 to address this current threat.

For more information, please see http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx.
---
Scott Fendley
ISC Handler
Keywords:
0 comment(s)
Diary Archives