On October 23rd Microsoft issued a security update for a critical vulnerability in Windows.  Microsoft releases many critical security fixes each month, but rarely deviates from its monthly patch cycle.  This is the fourth time since January 2006, and each time Microsoft has successfully fixed the problem.  This recent vulnerability was discovered in the 'Server' Windows Service.  It allows attackers to run arbitrary code on an un-patched system without any authentication.  There is a strong possibility that this flaw will be soon exploited by a malevolent worm.  The problem has been classified as “critical” on Windows 2000, Windows XP and Windows Server 2003.  It has been labeled “important” on Windows Vista and Windows Server 2008 machines. Microsoft has released the update, MS08-067. 

Microsoft does not take these emergency updates lightly.  We highly recommend applying the patch as soon as possible.  If you have any questions or require assistance, please contact us at info@icssnj.com.

To learn more about Integrated Computer Services, you can visit our website at www.icssnj.com.