This is the first time we will post an alert about a Windows Security Vulnerability. Many of our customers run our Zimbra Connector for BlackBerry which runs on the Windows Platform.
Today, Microsoft (for only the 3rd time ever) has issued an "out of band" patch for a critical vulnerability in all Windows NT-based OSes including Server 200x, Vista, and XP. The Internet Storm Center has also raised it's alert level to Yellow.
There is an exploit currently in the wild for this issue. We urge all customers running Windows Server to Patch their system immediately without delay.
"As reported earlier today, Microsoft released a critical update today for Windows Operating System. The update addresses a vulnerability with RPC calls which can be referenced from SMB connections. As most of you remember, worms such as Blaster and its kin were able to propagate through RPC/DCOM vulnerabilities and is in a very similar area of code. Microsoft has detected limited, targeted attacks exploiting this flaw in the wild. It is expected that with the release of the update, much more of the hacker community will become aware of how to exploit this and create a major worm outbreak or botnet activity."
SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc
The Microsoft Security Response Center (MSRC) : MS08-067 Released