 |
 |
There is an exploit in the wild for the MS 04-011 vulnerability. Wonderful, two days from announcement to exploit. http://isc.incidents.org/diary.php?isc=dfedebde78b9edf76e913412aa8c24f3 --STeve Andre' [some data on the problem] Microsoft Security Bulletin MS04-011: Security Update for Microsoft Windows (835732) Bulletin URL: <http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx> Summary: Version Number: 1.0 Revision Date: April 13, 2004 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Patch(es) Replaced: None Caveats: The security update for Windows NT Server 4.0 Terminal Server Edition Service Pack 6 requires, as a prerequisite, the Windows NT Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To download the SRP, visit the following Web site . You must install the SRP before you install the security update that is provided in this security bulletin. If you are not using Windows NT Server 4.0 Terminal Server Edition Service Pack 6 you do not need to install the SRP. Revisions: * v1.0 - Tuesday, April 13, 2004: Bulletin published