Both of them are bad news — unpatched vulnerabilities allowing remote code execution. Microsoft has also stated in each of the security advisories:
We are aware of attacks attempting to exploit the vulnerability.
That’s bad news. At this time I’m writing this, the Internet Storm Center is already reporting more than two million infections in China alone.
While there are currently no patches, Microsoft has published workarounds for these issues. They involve setting a grand total of 47 killbits of Class Identifiers. This might be okay if you have only one PC and a couple hours to kill. For those of us who work in large organizations with hundreds or thousands of PCs, that’s just not feasible.
I have posted two administrative templates that can be used in group policy objects (GPOs) to automate this. They can be downloaded here:
For those who may not be used to using their own administrative templates to push out registry settings like this, I’ve recorded a video for you. I hope it’s helpful!
- If your screen isn’t “wide” enough, you can watch the video here instead.