Windows Server Service Malicious Code Vulnerability Emergency Warning

• MS08-067 Security Patch Emergency Install Required
  Caution Regarding Circulation of Malicious Codes through MS08-067 Security Vulnerability
  
  The Security Analysis & Response Center of internet security company INCA Internet
  (www.nprotect.com) has detected a malicious code that uses Microsoft Windows?
  vulnerability (MS08-067) is in circulation abroad, and has asked for Windows users
  to be particularly cautious and promptly install the emergency security patch.
  
  This attack was due to the vulnerability of remote code being executable in the
  Server Service, in which the attacker used an RPC(Remote Procedure Call)
  forwarding method to attack, and the malicious code can be circulated through TCP
  ports 139 and 445.
  
  [Reference]
  - Server Service : Function that supports the sharing of files, folders, and peripheral
  equipments in MS Windows
  - RPC : Protocol used to request the services of programs in other computers in the
  network
  
  The operating system products that are exposed (or affected) by this vulnerability
  are as follows.
  - Microsoft Windows 2000 SP4
  - Microsoft Windows XP SP2, SP3
  - Microsoft Windows XP Professional x64 Edition, SP2
  - Microsoft Windows Server 2003 SP1, SP2
  - Microsoft Windows Server 2003 SP1, SP2 for Itanium-based Systems
  - Microsoft Windows Server 2003 x64 Edition, SP2
  - Windows Vista, SP1
  - Windows Vista x64 Edition
  - Windows Server 2008, x64 Edition, Itanium-based Systems
  
  Microsoft has announced an emergency security patch on October 23rd local time.
  
  http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
  
  If for any reason you cannot install the security patch, please check whether the
  TCP ports 139 and 445 are in use, and if they are not absolutely necessary, it is also
  possible to temporarily block them in the firewall.
  Because there is a possibility that the attack of malicious codes through this
  vulnerability will continuously emerge, we strongly encourage users to install the
  security patch (MS08-067).
  
  Currently in Japan, 9 malicious codes that use this vulnerability were found in
  certain sites, and INCA Internet?s Security Analysis & Response Center is undergoing
  an emergency update.
  
  If you suspect that your system has been infected, or if your system shows
  abnormal symptoms, you can diagnose whether your system is infected through
  nProtect?s homepage (www.nprotect.com), and the date of the product update
  which allows the diagnosis is from the October 24th, 2008 Emergency Update.
  
  (Author : INCA Internet?s Security Analysis & Response Center Jong-Hyun Moon)