Last Updated: 2011-04-15 12:22:18 UTC
by Kevin Liston (Version: 2)
Based on notifications received from Microsoft we are upgrading the rating of MS11-020 (KB 2508429, CVE-2011-0661) from Critical to PATCH NOW. See: http://isc.sans.edu/diary.html?storyid=10693 for the full table.
The Remote Code Exploit is possible without authentication, so this presents a serious risk to internal networks. Think Downadup/Conficker, or think lateral movement if that will help motivate patching.
Also note that this patch requires a reboot of your system.
Please submit any reports of weponization/exploits, or impacts from applying the patch.