|
Windows Home Server, SBS Also Vulnerable to Recent Flaw |
|
|
|
|
Written by David Noel-Davies
|
|
Earlier this month, Microsoft
reported that various versions of Windows were vulnerable to an Internet Group
Management Protocol (IGMP) flaw that could let hackers remotely execute code on
unprotected systems. Missing from the list of affected Windows versions,
however, was Windows Home Server (WHS) and Small Business Server (SBS). This
week, Microsoft corrected that mistake, noting that WHS and SBS are affected by
the flaw and are potentially even more at risk than certain desktop Windows
versions.
"Supported editions of Windows Small Business Server 2003 and Windows Home
Server contain the same affected code as Windows Server 2003," a notice about
the flaw now reads. "Windows Small Business Server and Windows Home Server
configurations have IGMP enabled by default and will result in a greater
exposure to the same vulnerability. Therefore, while Windows Server 2003 is
rated as having a severity rating of Important, Windows Small Business Server
2003 and Windows Home Server merit a severity rating of Critical."
Microsoft now provides a downloadable security update for SBS and WHS to correct
this problem, which affects SBS 2003 with SP1, SBS 2003 R2, SBS 2003 R2 SP2, and
WHS. This update is available via Windows Update and directly from the Microsoft
Web site.
www.microsoft.com/technet/security/Bulletin/MS08-001.mspx
|
