On the brink of an attack

[net1]

Microsoft is urging customers to immediately install a recent software patch for Secure Socket Layer vulnerabilities in Windows because hackers are preparing to exploit the flaws, vnunet.com reports.

The patch was made available on 13 April and is rated 'critical' by Microsoft. It patches 14 separate vulnerabilities, chiefly bugs in the SSL of all Windows systems.

"Essentially we are seeing increased activity among the hacking community. Exploit code is out there and various sources are talking about bringing out exploit tools. We recommend customers to deploy the patches immediately," said Stuart Okin, chief security officer at Microsoft UK.

 

[w hole]

Hello N1

Is this for all windows versions?

Is there a link?

Regards

W. Hole

 

[net1]

Summary
Who should read this document: Customers who use Microsoft® Windows®

Impact of vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

Caveats: The security update for Windows NT Server 4.0 Terminal Server Edition Service Pack 6 requires, as a prerequisite, the Windows NT Server 4.0 Terminal Server Edition Security Rollup Package (SRP). To download the SRP, visit the following Web site. You must install the SRP before you install the security update that is provided in this security bulletin. If you are not using Windows NT Server 4.0 Terminal Server Edition Service Pack 6 you do not need to install the SRP.

Tested Software and Security Update Download Locations:

Affected Software:

• Microsoft Windows NT® Workstation 4.0 Service Pack 6a – Download the update

• Microsoft Windows NT Server 4.0 Service Pack 6a – Download the update

• Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 – Download the update

• Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4 – Download the update

• Microsoft Windows XP and Microsoft Windows XP Service Pack 1 – Download the update

• Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update

• Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update

• Microsoft Windows Server™ 2003 – Download the update

• Microsoft Windows Server 2003 64-Bit Edition – Download the update

• Microsoft NetMeeting

• Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.


The software that is listed above has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.