There are two critical alerts I need to give you and remind you that these are NOT Halloween hoaxes.

The first is for parents. DO NOT, I repeat, DO NOT allow your children to eat any Pirates Gold Chocolate Coins. They have been recalled due to the finding of melamine in the candy.

http://www.snopes.com/food/warnings/coins.asp

The second critical alert is about Microsoft Updates. I sent a Critical Alert to our newsletter subscribers yesterday and I’m repeating it here for those of you who do not subscribe to those.

The most recent set of updates went out nearly two weeks ago on Patch Tuesday and a special “Out of Band” Security Bulletin was issued last week that was marked Critical.

This special update is titled: MS08-067 and affects:

Windows Server 2003
Windows Server 2008
Windows 2000
Windows XP
Windows Vista

This update deals with a service called the Server Service and even though you may think you aren’t using this service on your laptop, desktop, or any other kind of workstation, it is a part of your Windows Operating System and it is being used. The name does not imply what you think it does.

The reason I’m alerting you is because there is now a notice that an exploit has been publicly posted on the Internet. What that means is that a “bad guy” posted an example of how to attack someone’s un-patched computer to take over their machine from the Internet.

It is imperative that you go to the Microsoft Update Site and download the current set of updates. (You may feel free to exclude the Malicious Software Removal Tool if you are so inclined.) But please update the rest of your patches!

I have done my updates and have noticed no change in the behavior of my computer nor the programs operating on it so I can only assume these updates are safe.

And while you’re at the update site, under the Other Software category, get the new Root Certificate Server update too!

http://v4.windowsupdate.microsoft.com/en/default.asp

Technical Information

What causes the vulnerability?
The vulnerability is caused by the Windows Server service not properly handling specially crafted RPC requests.

What is the Server service?
The Server service provides RPC support, file and print support, and named pipe sharing over the network. The Server service allows the sharing of your local resources (such as disks and printers) so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC.

What is RPC?
Remote Procedure Call (RPC) is a protocol that a program can use to request a service from a program located on another computer in a network. RPC helps with interoperability because the program using RPC does not have to understand the network protocols that are supporting communication. In RPC, the requesting program is the client and the service-providing program is the server.

Exploit Advisory Details:

http://www.microsoft.com/technet/security/advisory/958963.mspx?pubDate=2008-10-27

Note to students in the Advanced PC Security Course (Hack Your Way to Security): Do you remember the lesson on RPC Service and why it is so dangerous? Here’s your proof!

Please update now!