The Technology Group, LLC 
When your business relies on technology, you can rely on us.
  sidebar2.jpg - 42073 Bytes

Sage Software Solutions
  • Sage MIP Fund Accounting
    Sage MIP Fund Accounting is the financial management solution preferred by value-conscious nonprofit and government organizations.
  • Sage Fundraising
    Solutions to meet every nonprofit's needs and budget. From small, single-user environments to the largest organizations, Sage Fundraising helps nonprofits thrive and grow.
 
 

IT Security News Item

Thursday, November 06, 2008  

Critical Security Alert from The Technology Group
Posted by: Mark Torello

Overview

Microsoft has released a critical security update to resolve a privately reported vulnerability in the Server service. This flaw could allow a virus or worm to compromise a susceptible system by sending a specially crafted request to a vulnerable machine. An attacker could exploit this vulnerability without being challenged and be able to run a program of their choice. It is possible that this vulnerability could be used in the crafting of an Internet worm or similar self propagating virus. Secure firewall configurations will protect networks from outside attacks but you could still be vulnerable from attacks that originate from inside the network.

Why should you worry?
At this time there are no working viruses or worms, but Internet security organizations have identified several attempts to use this exploit. Microsoft felt that this security vulnerability was so severe that it has released a fix for this flaw outside of the normal monthly update cycle.

Once successfully exploited, networks affected by this worm could experience unexpected shut downs, connectivity problems with servers and printers, failure of mail flow, and dropped internet connections.

Who is at risk?
If you are running any of the operating systems listed below at your home or office, your computer is vulnerable. Do not assume that your computers will be safe if they are not directly connected to the internet or located behind a firewall.

The following products are affected and require updating:
• Microsoft Windows 2000 service pack 4
• Microsoft Windows XP
• Windows Vista
• Microsoft Windows Server 2003
• Microsoft Windows Server 2008

Microsoft has not tested Windows Me, Windows 98, Windows NT 4.0, Windows NT 4.0 Terminal Services Edition, and Windows 2000 prior to service pack 4 to assess whether they are affected. Previous versions are no longer supported, and cannot be protected from this vulnerability.

What should you do?
The first step is to determine if you are at risk. Assistance in determining your risk level can be obtained through The Technology Group, LLC at no charge by calling our technical support line at 860.524.4400. Mention this alert for free assistance in determining if you are at risk. Additional support for remediation will be billed at our normal rate.

Once you have determined if this applies to your computers, Microsoft has released a patch that should be applied as soon as practical.

Details about this vulnerability can be found on Microsoft’s website - Microsoft Security Bulletin MS08-067
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

For more information about this alert or to request assistance in patching your systems please contact The Technology Group for support.

Source:
Microsoft

* * *

Call us at 860.524.4400

More Security News...

 

Client Center
 

Get Answers Now
I'm interested in:
IT Services
NonProfit Services
Security
Name:
Company:
Phone:
Email:
 

 
Sage Software Certified PartnerMicrosoft Certified Partner

About   -    Services   -    Qualifications   -    News   -    Newsletters   -    Client Center   -    Contact

The Technology Group, LLC
147 Charter Oak Ave
Hartford, CT. 06106
TEL: (860) 524-4400

 
The Technology Group, LLC
Copyright, Trademark & Legal Info