GreenPages Tech Alert

**TROJAN EXPLOIT CONFIRMED; MICROSOFT RELEASES PATCH**  

Microsoft released a security bulletin (MS08-067) and patch update today for a bug that has a confirmed Trojan exploit. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request.

This hole can be exploited in all supported versions of Windows if:

• File sharing is enabled
• The remote attacker can communicate via RPC (TCP 139 & 445) to the device
• The attack is not picked up by workstation or server’s antivirus protection

Microsoft Forefront confirmed a Trojans, Win32/Gimmiv.A (aka DLOADER.PWS.Trojan) already exists that exploits this hole (hence the emergency release of the patch).

Expect the number of exploits to increase rapidly. It’s fairly important to have it patched on servers and workstations that do not have file sharing disabled (or blocked through their Windows or Antivirus application).

GreenPages is recommending that clients:

• Schedule patches immediately for key servers
• Verify antivirus updates
• Consider a broader workstation update to apply this patch or ensure firewall policies are in place

Additional details are available at www.microsoft.com/technet/security/Bulletin/MS08-067.mspx.

NOTE: GreenPages clients that have a GreenPages Service Plan that includes server updates, have already received the patch as part of their program.

Any questions or concerns about this announcement, please call your GreenPages Account Executive.