Loading ...
Sorry, an error occurred while loading the content.

Critical Microsoft Update

Expand Messages
  • Lynn Shaw
    All, Microsoft released a critical patch yesterday (outside of the usual second Tuesday of each month) to deal with vulnerabilities that are affecting Windows.
    Message 1 of 3 , Oct 24, 2008
    • 0 Attachment
      All,

      Microsoft released a critical patch yesterday (outside of the usual
      second Tuesday of each month) to deal with vulnerabilities that are
      affecting Windows. FamilySearch Support is taking a proactive
      approach to deal with this vulnerability. We will shortly be
      deploying the update via LANDesk to family history center
      computers. However, center computers are only configured to check
      in to the LANDesk servers once per day, and in some cases much less
      frequently, and therefore it may take a few days before your systems
      will receive the patch.

      If you want to make sure that your center computers are patched
      before LANDesk gets a chance to do this update, you will need to run
      a Windows Update on each computer system. There are two ways to
      force the update. The first is to open Internet Explorer, click the
      Tools menu, and select Windows Update. Then run an automatic scan
      and allow it to install the necessary patch. The other is to open
      the Start menu, got to the LANDesk Management folder, and click
      LANDesk Policy-based Delivery, which will let LANDesk perform the
      update. A third way is to wait for LANDesk to do its automatic check-
      in.

      This issue applies to all Windows operating systems. Below is
      information regarding this threat and its patch.

      Lynn Shaw
      LANDesk Administrator
      Family History Center Services
      FamilySearch Support. CHQ

      ==============================
      This alert is to provide you with an overview of the new security
      bulletin released (out of band) on October 23, 2008. Microsoft has
      released security bulletin MS08-067, Vulnerability in Server Service
      Could Allow Remote Code Execution (958644), to address a
      vulnerability in all currently supported versions of Windows. This
      security update was released outside of the usual monthly security
      bulletin release cycle in an effort to protect customers.

      Executive Summary

      This security update resolves a privately reported vulnerability in
      the Server service. The vulnerability could allow remote code
      execution if an affected system received a specially crafted RPC
      request. On Microsoft Windows 2000, Windows XP, and Windows Server
      2003 systems, an attacker could exploit this vulnerability without
      authentication to run arbitrary code. It is possible that this
      vulnerability could be used in the crafting of a wormable exploit.
      Firewall best practices and standard default firewall configurations
      can help protect network resources from attacks that originate
      outside the enterprise perimeter. The security update addresses the
      vulnerability by correcting the way that the Server service handles
      RPC requests.

      Recommendations

      Microsoft recommends customers prepare their systems and networks to
      apply this security bulletin immediately once released to help
      ensure that their computers are protected from attempted criminal
      attacks. For more information about security updates, visit
      http://www.microsoft.com/protect.

      NEW SECURITY BULLETIN TECHNICAL DETAILS

      Identifier MS08-067
      Severity Rating This security update is rated Critical for all
      supported editions of Microsoft Windows 2000, Windows XP, Windows
      Server 2003, and rated Important for all supported editions of
      Windows Vista and Windows Server 2008.
      Impact of Vulnerability Remote Code Execution
      Detection Microsoft Baseline Security Analyzer can detect
      whether your computer system requires this update.
      Affected Software All currently supported versions of Windows
      Restart Requirement The update requires a restart.
      Removal Information • For Windows 2000, Windows XP,
      Windows Server 2003: Use Add or Remove Programs tool in Control
      Panel or the Spuninst.exe utility
      • For Windows Vista and Windows Server 2008: WUSA.exe does not
      support uninstall of updates. To uninstall an update installed by
      WUSA, click Control Panel, and then click Security. Under Windows
      Update, click View installed updates and select from the list of
      updates.
      Bulletins Replaced by This Update MS06-040 is superseded on
      these operating systems: Windows 2000 SP4, Windows XP SP2, Windows
      XP X64, Windows Server 2003 SP1, Windows Server 2003 X64, Windows
      Server 2003 SP1 for Itanium-based Systems.
      Full Details:
      http://www.microsoft.com/technet/security/bulletin/MS08-
      067.mspx
    • Travis Morris
      Lynn, LANDesk seems to work well with Family History computers. We have our clerk s computer connected to the same DSL that the FH computers are hooked to.
      Message 2 of 3 , Oct 24, 2008
      • 0 Attachment
        Lynn,
        LANDesk seems to work well with Family History computers.  We have our clerk's computer connected to the same DSL that the FH computers are hooked to.  The clerks computer is not running LANDesk.  The updates and virus checking for the clerk's computer is inadequate and desktop 5.5 is horrible.  Is there any policy to put the clerk's computer on LANDesk in the near future?
        Travis
         
        ----- Original Message -----
        From: Lynn Shaw
        Sent: Friday, October 24, 2008 1:32 PM
        Subject: [fhctech] Critical Microsoft Update

        All,

        Microsoft released a critical patch yesterday (outside of the usual
        second Tuesday of each month) to deal with vulnerabilities that are
        affecting Windows. FamilySearch Support is taking a proactive
        approach to deal with this vulnerability. We will shortly be
        deploying the update via LANDesk to family history center
        computers. However, center computers are only configured to check
        in to the LANDesk servers once per day, and in some cases much less
        frequently, and therefore it may take a few days before your systems
        will receive the patch.

        If you want to make sure that your center computers are patched
        before LANDesk gets a chance to do this update, you will need to run
        a Windows Update on each computer system. There are two ways to
        force the update. The first is to open Internet Explorer, click the
        Tools menu, and select Windows Update. Then run an automatic scan
        and allow it to install the necessary patch. The other is to open
        the Start menu, got to the LANDesk Management folder, and click
        LANDesk Policy-based Delivery, which will let LANDesk perform the
        update. A third way is to wait for LANDesk to do its automatic check-
        in.

        This issue applies to all Windows operating systems. Below is
        information regarding this threat and its patch.

        Lynn Shaw
        LANDesk Administrator
        Family History Center Services
        FamilySearch Support. CHQ

        ============ ========= =========
        This alert is to provide you with an overview of the new security
        bulletin released (out of band) on October 23, 2008. Microsoft has
        released security bulletin MS08-067, Vulnerability in Server Service
        Could Allow Remote Code Execution (958644), to address a
        vulnerability in all currently supported versions of Windows. This
        security update was released outside of the usual monthly security
        bulletin release cycle in an effort to protect customers.

        Executive Summary

        This security update resolves a privately reported vulnerability in
        the Server service. The vulnerability could allow remote code
        execution if an affected system received a specially crafted RPC
        request. On Microsoft Windows 2000, Windows XP, and Windows Server
        2003 systems, an attacker could exploit this vulnerability without
        authentication to run arbitrary code. It is possible that this
        vulnerability could be used in the crafting of a wormable exploit.
        Firewall best practices and standard default firewall configurations
        can help protect network resources from attacks that originate
        outside the enterprise perimeter. The security update addresses the
        vulnerability by correcting the way that the Server service handles
        RPC requests.

        Recommendations

        Microsoft recommends customers prepare their systems and networks to
        apply this security bulletin immediately once released to help
        ensure that their computers are protected from attempted criminal
        attacks. For more information about security updates, visit
        http://www.microsof t.com/protect.

        NEW SECURITY BULLETIN TECHNICAL DETAILS

        Identifier MS08-067
        Severity Rating This security update is rated Critical for all
        supported editions of Microsoft Windows 2000, Windows XP, Windows
        Server 2003, and rated Important for all supported editions of
        Windows Vista and Windows Server 2008.
        Impact of Vulnerability Remote Code Execution
        Detection Microsoft Baseline Security Analyzer can detect
        whether your computer system requires this update.
        Affected Software All currently supported versions of Windows
        Restart Requirement The update requires a restart.
        Removal Information • For Windows 2000, Windows XP,
        Windows Server 2003: Use Add or Remove Programs tool in Control
        Panel or the Spuninst.exe utility
        • For Windows Vista and Windows Server 2008: WUSA.exe does not
        support uninstall of updates. To uninstall an update installed by
        WUSA, click Control Panel, and then click Security. Under Windows
        Update, click View installed updates and select from the list of
        updates.
        Bulletins Replaced by This Update MS06-040 is superseded on
        these operating systems: Windows 2000 SP4, Windows XP SP2, Windows
        XP X64, Windows Server 2003 SP1, Windows Server 2003 X64, Windows
        Server 2003 SP1 for Itanium-based Systems.
        Full Details:
        http://www.microsof t.com/technet/ security/ bulletin/ MS08-
        067.mspx

      • Russell Hltn
        Desktop 5.5 includes LANDesk. However, administrative computers are handled by a different department in the church. We need to find the right conduit to
        Message 3 of 3 , Oct 24, 2008
        • 0 Attachment
          Desktop 5.5 includes LANDesk. However, administrative computers are
          handled by a different department in the church. We need to find the
          right conduit to address the issue. If you find it, let me know.



          On Fri, Oct 24, 2008 at 8:53 AM, Travis Morris <tdmorris@...> wrote:
          > Lynn,
          > LANDesk seems to work well with Family History computers. We have our
          > clerk's computer connected to the same DSL that the FH computers are hooked
          > to. The clerks computer is not running LANDesk. The updates and virus
          > checking for the clerk's computer is inadequate and desktop 5.5 is
          > horrible. Is there any policy to put the clerk's computer on LANDesk in the
          > near future?
          > Travis
          >
          >
        Your message has been successfully submitted and would be delivered to recipients shortly.