Microsoft Update MS08-067
Microsoft has released a bulletin to certain partners dated October 23, 2008 regarding a patch MS08-067 that patches a vulnerability in the server service that could allow remote code execution from an unauthenticated user. You can view more about it here: http://www.microsoft.com/technet/security/Bulletin...
Altiris has worked through the night and released the update and if your pmimport.cab download has run for today, then you should see MS08-067 in Tasks> Software Management> Patch Management> Manage Software Updates.
If your pmimport.cab has not updated then you should manually kick off this job by going to Configuration> Software Management> Patch Management> Server Settings> Microsoft Settings and right click on Microsoft Patch Management Import and select Start download task from the menu.
If you left click on Microsoft Patch Management Import and click the History tab you can check your pmimport.cab version. 6.2.1236.1 is the version that contains the ms08-067 update. Once the pmimport.cab is updated you can head over to Tasks> Software Mangement> Patch Management> Manage Software Updates and Stage the MS08-067 update and then deploy to your defined collections.
I apologize for not having screenshots but this was important.
About Endpoint Management and Virtualization Community Blog
The Endpoint Management & Virtualization Community Blog is the perfect place to share short, timely insights including product tips, news and other information relevant to the Endpoint Management & Virtualization community. Any authenticated Connect member can contribute to this blog.
Patch to deploy asap
That's true, this patch is really important. Reading articles listed below is clear about the high priority to deploy .
[quote]Critical vulnerability in Server Service has only been patched by Microsoft (MS08-067), as a new worm called Gimmiv.A has found to be exploiting it in-the-wild.[/quote]
Take a look on these articles:
Gimmiv.A (MS08-067) Worm in the Wild
Trojan exploiting MS08-067 RPC vulnerability
thanks, but....
Thanks for the info, but I have a question. I'm new to Altiris, and to this website, so I apologize if I'm asking this in the "wrong place". I've been wanting to push out this patch fot the last few days, but I noticed it's not showing up in my patch list. I followed your instructions and see that the import has been running daily, but it keeps importing version 6.2.1235.1. How do I get it to download 6.2.1236.1? Any info/advice is appreciated! ...Ow
If your pmimport.cab has
If your pmimport.cab has not updated then you should manually kick off this job by going to Configuration> Software Management> Patch Management> Server Settings> Microsoft Settings and right click on Microsoft Patch Management Import and select Start download task from the menu.
That covers kicking off the PMimport.cab to download. If you are having issues with it not updating to 1236 I would contact Altiris Support.
Would you like to reply?
Login or Register to post your comment.