[223] in Security FYI
[Security-fyi] New Critical Microsoft Vulnerability
daemon@ATHENA.MIT.EDU (Linda A. LeBlanc)
Wed Nov 12 21:57:56 2003
Message-Id: <5.1.0.14.2.20031112214655.01fdc0a0@po12.mit.edu>
Date: Wed, 12 Nov 2003 21:57:04 -0500
To: security-fyi@mit.edu, netusers@mit.edu
From: "Linda A. LeBlanc" <leblancl@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
cc: bobmah@mit.edu
cc: security-internal@mit.edu
Errors-To: security-fyi-bounces@mit.edu
Good Evening,
There is another significant new Windows vulnerability that affects some
10,000 machines on campus.
It is important that all affected users patch their machines immediately.
Exploits for this vulnerability currently exist.
You can address this problem by running the Windows Autoupdate facility, or
by visiting microsoft.com/security and downloading the individual patches
as appropriate to your individual system and configuration.
There are no patches for Windows95 or Windows98 since Microsoft no longer
supports these operating systems. There has been no testing done, and there
is no way to tell if they are vulnerable to these exploits.
Any significant fraction of our vulnerable population compromised by this
problem will far outstrip our ability and resources to meet the needs of
support and recovery. If all affected users act quickly to secure their
systems, the campus-wide outages and significant recovery delays seen in
similar events in recent months can be avoided.
We ask that all users take responsibility for their computers so that MIT
mission can proceed apace.
Bob Mahoney
Linda LeBlanc
Network Security Team
_______________________________________________
Security-fyi mailing list
Security-fyi@mit.edu
http://mailman.mit.edu/mailman/listinfo/security-fyi
