Update to MS08-067 post

You can find the update for your OS here if you don’t have notification via Automatic Updates.
http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
NOTE: Many virus/spyware infected PCs won’t get notification of MS Updates.

All MS OS’s need it, including XP-SP3.

US-Cert article
http://www.kb.cert.org/vuls/id/827267

Patch your Microsoft Operating System NOW!

You may have noticed that there is a Microsoft update waiting for you. I’m not talking about Service Pack 3. Instead, there is a huge vulnerability in just about every current Microsoft Operating System. This is huge!

The vulnerability I am speaking of is MS08-067. By all measures, this is a big as the 2006 vulnerability that let to breaches like the Blaster worm and other targeted attacks.

PLEASE PATCH TODAY. You can find the patch for MS08-067 (KB958644) at http://update.microsoft.com/ (using Internet Explorer) or though Automatic Updates.

This vulnerability is being actively exploited on the internet.

Fake Microsoft update email

Be aware of a fake warning from Microsoft. It comes in the form of an email (I have received many of them). Because of the type of attachment that is coming with the email, hopefully it will be blocked for you by your spam filter (but don’t bet on it). As with most viruses, there is always the possibility of this changing.

As a note, Microsoft will never send an update in the form of an attachment. If you receive one of these messages here or at home, just delete it.

Here is a sample of the message:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update for
OS Microsoft Windows. The update applies to the following OS versions: Microsoft
Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft
Windows XP, Microsoft Windows Vista.

Please notice, that present update applies to high-priority updates category. In
order to help protect your computer against security threats and performance
problems, we strongly recommend you to install this update.

Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a malicious
software, we made a decision to issue an experimental private version of an
update for all Microsoft Windows OS users.

As your computer is set to receive notifications when new updates are available,
you have received this notice.

In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.

If nothing changes after you have run the file, probably in the settings of your
OS you have an indication to run all the updates at a background routine. In
that case, at this point the upgrade of your OS will be finished.

We apologize for any inconvenience this back order may be causing you.

Thank you,

Steve Lipner
Director of Security Assurance
Microsoft Corp.

—–BEGIN PGP SIGNATURE—–
Version: PGP 7.1

D9AH5KHNC0IOQM1RFLM71TEBJC4IDPLJ863M9116WQ7WZFEHNXS24D534SHXSVO60
AXGKAM090UB2U108GSD2DQBDCD5RRA6VZKAASVTHWOZA9UG8308636F3Y7H0BDQNH
X38J1CZKC6QVXSV566CGA7MS6NMAAJY4TKA805Z58ZNCCH6O0XZYDFVEUU83JIFJD
QPZK6Q6CQKZDNNP0MM8H30CJUJWS1OWK833UE0XIBKHNAK4WW2ZU1KHUJF8B0KYNJ
SPQWP9OI3PDARWG8G1M3Q7WX3EZBT9LGBT7==
—–END PGP SIGNATURE—–