There is an exploit in the wild for the MS 04-011 vulnerability. Wonderful,
two days from announcement to exploit.
http://isc.incidents.org/diary.php?isc=dfedebde78b9edf76e913412aa8c24f3
--STeve Andre'
[some data on the problem]
Microsoft Security Bulletin MS04-011:
Security Update for Microsoft Windows (835732)
Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx>
Summary:
Version Number: 1.0
Revision Date: April 13, 2004
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: None
Caveats: The security update for Windows NT Server 4.0 Terminal Server
Edition Service Pack 6 requires, as a prerequisite, the Windows NT
Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To
download the SRP, visit the following Web site . You must install the
SRP before you install the security update that is provided in this
security bulletin. If you are not using Windows NT Server 4.0 Terminal
Server Edition Service Pack 6 you do not need to install the SRP.
Revisions:
* v1.0 - Tuesday, April 13, 2004: Bulletin published
|