Jim wrote:
> Chris,
>
> You are acting in an extremely irresponsible manner. This is one of the
> largest exploits ever to hit the Windows platform (in number of machines
> affected), and you are telling people to do nothing.
>
> The only thing more irresponsible than your post is Microsoft's refusal
> to take immediate action for such an exploit.

Microsoft is taking action. They have posted an advisory which includes
steps that can be taken to decrease the likelihood of a system falling
prey to this vulnerability. A patch has been developed by MS and is now
in the process of being validated to insure that it meets their release
standards. The MS patch has a tentative release date of January 10,
2006, one week from today.

As most AV vendors now guard against any attack of this vulnerability,
keeping your AV signatures up to date will keep you protected. If,
after gathering all information on this you feel you are still at risk,
then installing the patch available on the SANS website will add
additional protection. Understand though that the SANS patch has not
gone through the same level of testing that the MS patch will have gone
through so has the potential of causing problems.

In the past, files have been offered as patches to vulnerabilities that
were themselves an exploit of some sort. It is always best to be wary
of patches from any non-verifiable source.
--
Tom Porterfield
MS-MVP Windows
http://support.teloep.org

Please post all follow-ups to the newsgroup only.