Microsoft Security Bulletin Alert - MS03-039
Security Bulletin MS03-039
We are contacting you today to ensure you are aware that we have released Microsoft Security Bulletin MS03-039 over night.
This bulletin details three critical vulnerabilities in the Windows operating system and provides instructions for applying the corresponding patch. While there is currently no active exploit of this vulnerability, if successfully exploited, an attacker could gain control of the target system.
After ensuring your own systems are secure, we strongly encourage you to recommend your consumer and business audience obtain and deploy this patch to any affected system that connects to their infrastructure; including systems on a local area network and remote or mobile systems. For the most current information on affected systems and recommended remediation steps, please read the bulletin posted at: http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
We understand the potential effect of this situation and we recommend people visit http://www.microsoft.com/technet/security/protect and take the recommended remediation steps we advise below:
1. Verify firewall configuration. Audit internet and intranet firewalls to ensure they comply with security policies; these are the first line of defence. In addition, evaluate using host-level firewalls such as the Internet Connection Firewall in Windows XP. This is especially important for systems such as laptops and home PCs that connect to networks remotely.
2. Stay up-to-date. Use update services from Microsoft to keep systems up-to-date. These services include three main components.
* Automatic Updates, available on Windows XP, Windows 2000 SP3 and SP4, and Windows Server 2003. Automatic Updates works with the Windows Update Web site to automate the process of updating Windows systems.
* Software Update Services (SUS), a patch-distribution server available for download from our Web site. SUS enables users to deploy a server in their organisation that Automatic Updates clients will use to get only approved and tested patches.
* Systems Management Server (SMS) is a flexible, enterprise-wide software update and systems management product.
In addition to using these update services, we strongly recommend people subscribe to Microsoft's free security notification service at http://www.microsoft.com/securitynotification , so that they are proactively kept aware of new security issues.
3. Use and keep antivirus software up-to-date. Antivirus software programmes will help protect systems against many viruses, worms, Trojan horses, and other malicious code. To protect systems from new viruses, it's also important to obtain up-to-date antivirus signatures through a subscription service from the antivirus software vendor. Organisations should not let remote users or laptops connect to their network unless they have up-to-date antivirus software installed. In addition, we recommend customers use antivirus software in multiple points of their computer infrastructure, such as on edge Web proxy systems, as well as on email servers and gateways.
Businesses can also protect their networks by requiring employees to take the same three steps above with home and laptop PCs they use to remotely connect to their work, and by encouraging them to talk with friends and family to do the same with their PCs. To make this easier, we have set up a new Web site to assist PC users at http://www.microsoft.com/protect
Again, we want to encourage you to read this security bulletin and help consumers and businesses deploy the patch to their systems. We want to thank you for your patience and look forward to working with you to help New Zealanders understand the actions they need to take to protect their computing environment and businesses from these kinds of security threats.
Microsoft New Zealand