Hi everyone, Stephen Toulouse here. There’s been a lot of talk today about exploit code, specifically around security bulletins MS05-051 and MS05-046. The good news is that we’re not aware at this time of any exploit code being available publicly. Currently we’ve been told the exploit code is only available through third party fee-based security offerings. We’re not currently aware of active attacks that use this exploit code or of customer impact at this time.
But as always, the MSRC is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
This just illustrates the danger out there however and we want to reiterate: if you are running the older versions of the operating systems, like Windows 2000, we strongly urge you to deploy the critical updates for that platform, like MS05-051, as soon as possible!
Also a reminder, if you think you may have been affected or are having trouble with an update at all you should contact Product Support Services. Product Support Services in North America can be contacted for help with security update issues or viruses at no charge by using the PC Safety line (1-866-PCSAFETY). International customers can receive the same level of support by using any method found at this location: http://support.microsoft.com.
And customers who believe they have been attacked should contact their local FBI office or post their complaint on www.ifccfbi.gov. Customers outside the U.S. should contact the national law enforcement agency in their country.
We’ll of course post more information as it becomes available.
S.
*This posting is provided “AS IS” with no warranties, and confers no rights.*