MS08-067 RPC Vulnerability


Last night I got the word that our director wanted MS08-067 patched ASAP, so I went into work to patch our servers and develop a script to deploy it to the workstations. We don’t utilize tools such as SCM, and our WSUS deployment isn’t ready for use, so we needed something quick and dirty.

I developed a VBScript that ran on login to execute the proper patch for 2000 or XP if the user was an administrator. All of our employees are local administrators (much to my chagrin), whereas another group of our customers are simply restricted users that log into DeepFreeze machines. Whats more, the DeepFreeze machines are not under my departments control. As a result, not all machines have been patched.

It is interesting to note, however, that the first worms have already hit the net. I’m hoping we won’t see a repeat of Blaster, because that was absolutely aweful.

Leave a Reply