This one is scary for some of us

I can't believe I did not receive an email alert on this one.  But, apparently the department of Homeland Security has issued a warning stating that the Microsoft Security Bulletin MS06-040 patch needs to get bumped up to the top of the pile.  Why?  Because the vulnerabilities surrounding this security bulletin have to do with Ports 139 and 445.  These ports are generally blocked at the gateway firewall, but not blocked internally.  All good.  But....

If you work in a very large WAN environment where internal firewalls are few and far between, this could be a real bummer.  In a government environment not every agency can afford to firewall their agency LAN environments, relying on the state to provide firewalling.  Guess what?  The "state" doesn't really have the authority to firewall individual agency LAN environments.  So while the WAN maybe protected from outside malware, internally the state agencies are vulnerable.  This is a serious problem.  All you need is for some system to become infected with the malware that exploits this vulnerability and wham-bam the entire WAN is infected internally.

At any rate, we do weekly patching, so I am not too worried.  However I did request a report from my people.  I want to know if every single server and desktop was successfully patched this week.  I don't want any surprises.