危険度: 緊急
  CVE識別番号: CVE-2008-4250

  概要

This security update resolves a privately reported vulnerability in the Server service. This vulnerability could allow remote code execution if an affected system received a specially-crafted RPC request.

This vulnerability may be used by malicious users in the crafting of a wormable exploit. It is recommended to observe firewall best practices and standard default firewall configurations to protect network resources from attacks exploiting this vulnerability.

  トレンドマイクロの対策

詳しい情報については以下のサイトをご参照ください。

MS08-067:Server サービスの脆弱性により、リモートでコードが実行される (958644)

  影響を受けるソフトウェア

  • Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  • Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Professional x64 Edition Service Pack 2
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • Windows Server 2008 for 32-bit Systems
  • Windows Server 2008 for Itanium-based Systems
  • Windows Server 2008 for x64-based Systems
  • Windows Vista
  • Windows Vista Service Pack 1
  • Windows Vista x64 Edition
  • Windows Vista x64 Edition Service Pack 1