Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Flash Player 10.2.159.1 is now available

MS11-020 (KB2508429) Upgrading from Critical to PATCH NOW

Published: 2011-04-15
Last Updated: 2011-04-15 12:22:18 UTC
by Kevin Liston (Version: 2)
8 comment(s)

Based on notifications received from Microsoft we are upgrading the rating of MS11-020 (KB 2508429, CVE-2011-0661) from Critical to PATCH NOW.  See: http://isc.sans.edu/diary.html?storyid=10693 for the full table.

The Remote Code Exploit is possible without authentication, so this presents a serious risk to internal networks.  Think Downadup/Conficker, or think lateral movement if that will help motivate patching.

Also note that this patch requires a reboot of your system.

Please submit any reports of weponization/exploits, or impacts from applying the patch.

Sorry.

-KL

Keywords: MS11020
8 comment(s)
Diary Archives