Government Warns of Microsoft Security Patch Vulnerability - 10 Aug 2006

Government Warns of Microsoft Security Patch Vulnerability


Visit our sponsor, who brings you WinInfo Daily Update:


==== SPONSOR: Argent Software


Network Testing Labs, one of the world's leading independent research companies, concluded that "Argent's suite had a smaller footprint, was more scalable, supported more platforms, had a more responsive and intuitive user interface and gave us more useful reports," the report says. "Argent's suite of monitoring products emerged from our testing with flying colors."

Download this FREE Comparison Paper now:



Government Warns of Microsoft Security Patch Vulnerability

by Paul Thurrott, [email protected]

The US Department of Homeland Security (DHS) said yesterday that a security vulnerability revealed by a recently released Microsoft security patch could endanger the country's critical infrastructure. In a rare move, the DHS recommended that users install the Microsoft patch as quickly as possible.

Described in Microsoft Security Bulletin MS06-040, the vulnerability affects the Server service in Windows Server 2003, Windows 2003 Service Pack 1 (SP1), Windows 2003 x64 Editions, and Windows 2003 for Itanium-based systems; Windows XP SP1 and SP2 and XP Professional x64 Edition; and Windows 2000 SP4. According to the bulletin, the vulnerability could let an attacker "take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

According to the DHS, the vulnerability described in the bulletin "could impact government systems, private industry and critical infrastructure, as well as individual and home users." A sample exploit for the vulnerability has already been published on the Web, and security researchers warn that a worm based on this code could spread quickly. Obviously, it's notable that the DHS has also issued a public warning.

Bulletin MS06-040 was just one of nine security bulletins Microsoft issued Tuesday as part of its regularly scheduled monthly patch release. The bulletins addressed 12 security vulnerabilities, 9 of which were rated critical. It's been a banner year for Microsoft security patches: The software maker has already issued 51 security bulletins fixing 98 vulnerabilities, 64 of which were deemed critical. That's almost as many vulnerabilities as the company fixed in 2004 and 2005 combined. And security experts say no end is in sight: They expect another large set of Microsoft security patches next month.

Editors' Note
Take the Windows IT Pro Salary Survey!
We need your help! Windows IT Pro is launching its third Windows IT Pro Industry Salary Survey, and we want to find out all about you and what makes you a satisfied IT pro. When you complete the survey (about 10 minutes of your time), you’ll be entered in a drawing for one of five $100 American Express gift certificates. Look for the survey results--and how you stack up against your peers--in our December issue. To take the survey, go to



Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today!



Antivirus or patching software alone isn’t enough to protect your valuable systems from spyware. Learn how an enterprise antispyware solution gives you an affordable--and most important, effective, solution to spyware. Download the free whitepaper today!



Save $40 off SQL Server Magazine
Subscribe to SQL Server Magazine today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire SQL Server Magazine online article archive, which houses more than 2,300 helpful SQL Server articles. This is a limited-time offer, so order now:



About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring an UPDATE -- [email protected]



Be sure to add [email protected] to your list of allowed senders and contacts.

Take a look at all of our technology newsletters:

This email newsletter is by the same people who create Windows IT Pro Magazine every month. Check it out!


Windows IT Pro is a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.