IMPORTANT Out-of-band Windows Security Update just released

blargoe · October 2008

Vulnerability in the Server service may cause a specially crafted RPC request to give an attacker full control of your computer. This sounds very similar to the vulnerability that the Blaster worm exploited a few years ago. Download it now, test, and deploy!

http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

Claymoore · October 2008

Thanks for the heads up blargoe.

My WSUS server downloaded the update during last night's synchronization, so those of you running WSUS may already be protected if you automatically approve security updates.

HeroPsycho · October 2008

Script to audit your computers in a listfile in a nice Excel spreadsheet. Requires PowerShell and Excel on the box you launch the script:

$cred = Get-Credential ""
$ErrorActionPreference = "SilentlyContinue"

$a = New-Object -comobject Excel.Application
$a.visible = $True

$b = $a.Workbooks.Add()
$c = $b.Worksheets.Item(1)

$c.Cells.Item(1,1) = "Machine Name"
$c.Cells.Item(1,2) = "PatchStatus"
$c.Cells.Item(1,3) = "Report Time Stamp"

$d = $c.UsedRange
$d.Interior.ColorIndex = 19
$d.Font.ColorIndex = 11
$d.Font.Bold = $True

$intRow = 2

foreach ($strComputer in get-content C:\computers.txt)
{
$c.Cells.Item($intRow,1) = $strComputer

$PatchStatus = Get-WMIObject Win32_QuickFixEngineering -computer $strcomputer -credential $cred | where {$_.HotFixID -eq "KB958644"}
if($PatchStatus -eq $Null)
{
$c.Cells.Item($intRow,2).Interior.ColorIndex = 3
$c.Cells.Item($intRow,2) = "NO"
}
else
{
$c.Cells.Item($intRow,2).Interior.ColorIndex = 4
$c.Cells.Item($intRow,2) = "YES"
}
$c.Cells.Item($intRow,3) = Get-Date
$intRow = $intRow + 1
}

$d.EntireColumn.AutoFit()
cls