Sorry I didn't have a chance to blog this yesterday, but two new Windows security bulletins have been released (one for Virtual PC on the Mac as well, if that pertains to anyone).
- MS04-007 - ASN .1 Vulnerability Could Allow Code Execution (CRITICAL)
- MS04-006 - Vulnerability in WINS Could Allow Code Execution (IMPORTANT)
From what I understand, MS04-007 is being treated as serious as the RPC vulnerability due to the potential for a worm as significant as Blaster.
Some details from eEye, in verse form:
U Can't Trust This
By: MCSE HammerBlaster did ya some harm
We just say, hey, another worm
But thank you, for trusting me
To mind your site's security
It's all good, when your server's downed
Our dope PR will pass blame around
Cuz it's known as such
That this is some software, you can't trustI told ya Homeland
U can't trust this
Yeah that's why we're giving ya the code
U can't trust this
Check out eEye, man
U can't trust this
Yo let 'em bust more funky system
U can't trust thisGive 'em a string or recvfrom
Like no sweat they got the keys to your kingdom
Now ya know
You talk about eEye, you're talking about holes
Remote and tight
Coders still sweating so someone better write
A book to learn
What it's gonna take in '04
To earn some trust
Legit, either secure or ya might as well quitThat's the word because you know
U can't trust this
U can't trust thisBreakin' in
Stop -- eEye time
Actual technical details from eEye available here and here.
Please patch your machines as soon as possible and pass along the word. If another worm brings down the Internet, how will I stay up to date with all the breaking news on erectile disfunction and rich Nigerian exiles who want to give me money?