This article was been published more than a year ago. The information may be outdated.
I rarely write posts off the cuff, but this warrants it. Microsoft has released Security Bulletin MS08-059, along with a hotfix for the problem detailed. There are already exploits in the wild to take advantage of the hotfix.
What I ask is simply this: Update your computer. Run Windows Update, and update your computer.
Here’s the bulletin from Microsoft:
Bulletin Identifier – Microsoft Security Bulletin MS08-059
Bulletin Title – Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
Executive Summary – This security update resolves a privately reported vulnerability in Microsoft Host Integration Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted Remote Procedure Call (RPC) request to an affected system. Customers who follow best practices and configure the SNA RPC service account to have fewer user rights on the system could be less impacted than customers who configure the SNA RPC service account to have administrative user rights.
Maximum Severity Rating – Critical
Impact of Vulnerability – Remote Code Execution
Detection – Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.