In a rare alert, the U.S. Department of Homeland Security has urged Windows users to plug a potential worm hole in the Microsoft operating system. The agency, which also runs the United States Computer Emergency Readiness Team (US-CERT), sent out a news release on Wednesday recommending that people apply Microsoft’s MS06-040 patch as quickly as possible. The software maker released the “critical” fix Tuesday as part of its monthly patch cycle.

“Users are encouraged to avoid delay in applying this security patch,” the Department of Homeland Security said in the statement. The patch fixes a serious flaw that, if exploited, could enable an attacker to remotely take complete control of an affected system, the agency said.

The flaw has some similarities to the Windows bug that enabled the notorious MSBlast worm to spread in 2003. Both security vulnerabilities are related to a Windows component called “remote procedure call,” which provides support for networking features such as file sharing and printer sharing.

View: Microsoft Security Bulletin MS06-040
View: Full Story
Source: C|Net News via MSFN