Carnegie Mellon University
October 24, 2008

Security Alert: Critical Microsoft Security Update MS08-067 for Windows Users

Notification emails are being sent to owners of computers missing the update as detected by network scanning (Pittsburgh campus only).  The messages instruct owners to take action and notify Computing Services before the grace period ends.  If the grace period elapses without owners notifying Computing Service of their actions, then network access will be suspended to protect the vulnerable machine and the rest of the campus network.

Windows computers running Microsoft Windows may be vulnerable to exploits. This vulnerability may allow an unauthorized attacker to take complete control of an affected system that is connected to a network without any end user action. PLEASE PATCH AND REBOOT ASAP.

For What You Need To Do, see Security Alert - Critical Microsoft Security Update MS08-067 for Windows Users.