Usually Microsoft Security Updates are released regularly on “Patch-Tuesday” each month. An hour ago Microsoft released an out-of-band security update.

It fixes are remote code execution vulnerability in Server Service. In other words, if your Windows Box is directly connected to the Internet, a bad guy could execute arbitrary code on your machine just by sending you some specially crafted RPC request. Do you remember Code Red, Nimda, SQLSlammer or Blaster? This vulnerability seems to be as bad.

BTW, if you’re running Windows Vista or Windows Server 2008 you do not need to hurry. An attacker needs to authenticate first to exploit the vulnerability.

Details: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx