Security Researchers warn of potential flaws in Windows

I read an article today from Techworld. I wanted to Discuss this in detail. I also found some links that suggest that Techworld is right.

[ad#ad2-right]

Andrew Storms, director of security operations at nCircle Network Security, speculated that the latest bugs were found by researchers using information disclosed in SMB fixes Microsoft released in October and November.[va Techworld]

According to my investigation, and I have been looking. I found a few SMB Vulnerabilities. One of them is CVE-2008-4835 and CVE-2008-4834. These two are capable of Remote Code Execution, and are Consider very High on the Impact list and all.

So Did people find these exploits or vulnerabilities from the last MS 08-067 patch? I would have to conclude it is a real possibility.

Although Microsoft did patch those holes this month.  I grow to wonder just how much these hackers keeping the IT professionals on there toes.    I hope people updated their system to prevent another worm because you don’t want the worm like Downadup Do you?  I am sure there will be a worm or a virus that will exploit this in time, and I think sooner or later someone will use this just like the other one.

You asked for it, Now it’s real — Vista SP2 Dec 4,2008

Beginning Thursday Dec. 4th, we will be making the Windows Vista and Windows Server 2008 Service Pack 2 Beta available to everyone through a Customer Preview Program (CPP). The CPP will launch on TechNet and be available to anyone interested in trying out this service pack. The CPP is intended for technology enthusiasts, developers, and IT Pros who would like to test Service Pack 2 in their environments and with their applications prior to final release. For most customers, our best advice would be to wait until the final release prior to installing this service pack.

[Via Technet]

[ad#ad2-right]Yes you heard right, you can get into the Beta of Vista SP2 and not have to wait till April.  Some things to remember:

  • It is a Beta
  • It will Have Bugs
  • It is for people who want to test it out
  • It should only be installed for people who need to test it out

Some of the changes that they are going to incorporate into Sp2 are support for new types of hardware and emerging standards that will grow in importance in the coming months.  The complete list of changes can be found here.   I will be testing this out sometime this weekend to give it a full thorough check out.   I will give a report later on this month possibly first part on January I would like to give it a complete test.   To test it out yourself, check out this link for directions on how to download it.