July 19, 2010
Voice of the Service Desk
June 28, 2010
KnowManager Managed Services is Growing Rapidly
May 17, 2010
New KnowManager Managed Services Offerings: Coverage Flexibility
April 19, 2010
Know Technology’s Data Center Expands Operations
September 28, 2009
Know Technology welcomes new staff members
June 24, 2009
Know Technology wins the prestigious 2009 Microsoft Partner of the Year for Networking Infrastructure Solutions
May 14, 2009
Know Technology's KnowManager Case Study: Managed Workplace from Level Platforms improves Know Technology Managed Services offerings
May 9, 2009
The Top 12 Technology Mistakes Small Business Make And How To Avoid Them
April 22, 2009
Case Study: Systems Virtualization Cuts Servers by a Third, Reduces Staff Costs by $83,000 Annually
April 6, 2009
Managed Services from Know Technology
March 31, 2009
Make your IT Infrastructure a Strategic Asset
January 9, 2009
Know Technology ServiceDesk Update
December 18, 2008
Security Bulletin Announcement from Know Technology
December 9, 2008
Know Technology, LLC is pleased to announce the addition of Kamron Bonta to the KTL team
November 14, 2008
Maine Discovery Museum Receives Communications Upgrade with help from Know Technology
October 24, 2008
Vulnerability Announcement from Know Technology
October 20, 2008
POP!TECH 2008 PARTICIPANTS CAN LIVE BLOG, STREAM VIDEO, ACCESS
INTERNET USING MERU HIGH-PERFORMANCE 802.11n WIRELESS LAN - Meru WLAN Addresses Needs of 'Power Users'
Attending 12th Annual Conference in Maine
August 21, 2008
Hosting services notice from the Know Technology Data Center
|
October 24, 2008
Dear Know Technology Partners:
As a partner of Know Technology, we want to alert you to a security bulletin
that Microsoft released yesterday. This new bulletin is relevant to all
users of Microsoft workstations or servers. Microsoft has
released a patch that is require for all workstations and servers.
It is important to note that application of this patch does require a reboot.
Know Technology - KnowManager (Platinum, Gold and Silver) clients
are automatically having this issue addressed at no additional
cost, as part of their Managed Services plan. We encourage you to
inquire about these services, as they ultimately help our clients
leverage technology, and prevent downtime in the long run.
We are working with all other networking clients
to arrange for this patch to be applied on their respective
networks. This issue has already been addressed on Know Technology's
hosting systems.
Below, are details of this important security patch, as received
from Microsoft.
Regards,
The Know Technology Staff
This alert is to provide you with an overview of the new security bulletin
released (out of band) on Thursday, October 23, 2008. Microsoft has released
security bulletin MS08-067, Vulnerability in Server Service Could Allow
Remote Code Execution (958644), to address a vulnerability in all currently
supported versions of Windows. This security update was released outside
of the usual monthly security bulletin release cycle in an effort to protect
customers. We request that you take action immediately by first assessing
and preparing your own systems and networks and applying the security update,
then reaching out to your customers to assist them in securing their systems
and networks by applying the update.
Details about this security update are below, but here are your key resources:
Summary
This security update resolves a privately reported vulnerability in the Server
service. The vulnerability could allow remote code execution
if an affected system received a specially crafted RPC
request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003
systems, an attacker
could exploit this vulnerability without authentication
to run arbitrary code. It is possible that this vulnerability could be
used in the crafting
of a wormable exploit. Firewall best practices and standard
default firewall configurations can help protect network
resources from attacks that originate
outside the enterprise perimeter. The security update addresses
the vulnerability by correcting the way that the Server
service handles RPC requests.
Recommendations
Microsoft recommends
that partners first assess their own systems and networks
and apply this security update, then reach out and follow up with
their customers to assist them in securing their systems and
networks to help ensure that their computers are protected
from attempted criminal attacks.
New Security Bulletin Technical Details
Identifier
MS08-067
Severity Rating
This security update is rated Critical for all supported editions of Microsoft
Windows 2000, Windows XP, Windows Server 2003, and rated Important for
all supported editions of Windows Vista and Windows Server 2008.
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer
system requires this update.
Affected Software
All currently supported versions of Windows.
Restart Requirement
The update requires a restart.
Removal Information
- For Windows
2000, Windows XP, Windows Server 2003: Use Add or
Remove Programs tool in Control Panel or the Spuninst.exe utility
- For Windows
Vista and Windows Server 2008: WUSA.exe does not
support uninstall of updates. To uninstall an update installed
by WUSA, click Control Panel, and then click Security. Under Windows
Update, click View installed updates and select from the list of updates.
Bulletins Replaced by This Update
MS06-040 is superseded on these operating systems: Windows 2000 SP4, Windows
XP SP2, Windows XP X64, Windows Server 2003 SP1, Windows Server
2003 X64, Windows Server 2003 SP1 for Itanium-based Systems.
Full Details
http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
Regarding information Consistency
We recommend that Microsoft partners use the Microsoft TechNet Security
TechCenter as a key source of security information:
http://technet.microsoft.com/security, and that you sign up
for comprehensive alerts at http://www.microsoft.com/technet/security/bulletin/notify.mspx.
We strive to provide you with accurate information in static
(this mail) and dynamic (Web-based) content. Microsoft's security content posted
to the Web is occasionally updated to reflect late-breaking information.
If this results in an inconsistency between the information here and the
information in Microsoft's Web-based security content, the information
in Microsoft's Web-based security content is authoritative.
|
