Microsoft's new security update - urgent vulnerability affecting millions of PC users

Chenxi Wang

Microsoft just released an out-of-band security update, addressing a remote code execution vulnerability affecting, Microsoft Windows 2000, XP, Windows Server 2003, Vista, and Server 2008, virtually all Microsoft computing platforms out there.

This vulnerability allows unauthorized remote code execution (in XP and earlier) via SMB (server message block) communication. In Vista and later, the code execution must past an authentication.

There are over one billion Windows personal computers worldwide. Approximately 180 million of those are Vista. So that leaves about 820 million computers vulnerable to an anonymous remote code execution, which is a serious vulnerability. Given the magnitude of Microsoft's install base there, the situation is grave indeed. This is why Microsoft is taking the extraordinary step to issue an out-of-band security update to address this situation.

Read more