Monday update on Microsoft Security Advisory 935964

Hello everyone, this is Christopher Budd.

I wanted very quickly to update you with some new, important, information that we have on this situation.

Our ongoing monitoring in conjunction with our MSRA partners indicates that we are seeing a new attack that is attempting to exploit this vulnerability. At this time, the attack does not appear widespread.

As part of our Software Security Incident Response Process (SSIRP), we continue to work through a variety of channels to encourage customers to quickly deploy the workarounds provided in the Advisory.  By quickly deploying the workarounds customers can mitigate the risk of an effective attack on their networks.

Once again, we want to strongly advise customers to deploy the workarounds in their environment as soon as possible. In particular, we’re encourage customers to deploy the registry key workaround. Also, we strongly urge customers to deploy the latest signatures for their security products.

Our teams are continuing to work around the clock on a security update for this issue, but we are advising customers to deploy the workarounds immediately while we continue that work. And we’re constantly monitoring the situation along with our MSRA partners. As soon as we have any new information, we’ll update you through the advisory and the MSRC weblog.



*This posting is provided “AS IS” with no warranties, and confers no rights.*