Friday, August 11, 2006

Microsoft Security Bulletin MS06-040

Hi folks,

Despite the current furor about MS06-040, which Microsoft describes as a "Vulnerability in Server Service [that] Could Allow Remote Code Execution" I don't think it's really such a huge deal. Yes, there are proof of concepts (POCs) circulating that show how to exploit this vulnerability but, as far as I can tell, it can be easily blocked by anyone who's running a firewall, even Windows firewall. Corporates should be more than adequately protected by perimeter firewalls. The rumors are already rampant that it will be used in a worm or a bot very soon, but it's hard to see even that causing major problems for anyone taking normal security precautions (anti-virus, anti-spyware, firewall).

Of much greater concern, in my opinion, is MS06-042, which affects Internet Explorer. This is where the attacks are likely to come, so we'll be monitoring any activity on that front very closely.

-Rog

Thursday, August 03, 2006

WebAttacker Maintenance Release?

Hi folks,

It seems there has been a new update release of WebAttacker. It does not appear to be throwing any new exploits, so at the moment we're assuming it's just a maintenance release. I wonder if they're starting to do quality assurance? Anyway, we're keeping an eye on them in case something pops.

Roger