If this is how every month in 2007 is going to go, anyone using Windows might want to set up a cot next to the computer right now: You may be working overtime, all the time, patching zero-day vulnerabilities.Last month, it was the animated cursor bug in Windows; this month it’s a hole in Microsoft Corp.’s server software line. What do they have in common? Both are critical flaws, both were being exploited by attackers before the bug was acknowledged by Microsoft — and attacks ramped up within days — and both deserve Computerworld‘s FAQ treatment.
This FAQ spells out the at-risk population, details the bug and ticks off the stopgap measures that are — until Microsoft actually fixes the flaw — the only defense.
OK, cut to the chase. Do I need to worry? If you’re not running a Windows server or you’re not responsible for running one in your workplace, you’re home free. The vulnerability affects only Microsoft’s server software. End users running Windows 2000, XP or Vista — or heaven help you, Windows Me — have nothing to do, and so no worries. It’s out of your hands.
continued @ ComputerWorld.com?