14 DAY TRIAL // Security companies and home users of Windows operating system and of the adjacent programs have reported problems accessing the Internet through a dial-up connection after installing the 12 security patches package released Tuesday by Microsoft.
The source of all problems is patch MS06-025. This although, in a press bulletin posted on its site, the company states:" The software in this list (includes the patch with problems) has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected." But Microsoft seems to have gone no further with the tests as the bug was discovered by users who were trying to fix the critical vulnerability in Routing and Remote Access Service and succeeded in killing their dial-up connection.
The users that will not apply the patch in order to keep their dial-up connection alive have received advice to restrict access to the ports associated with the Routing and Remote Access Service vulnerability that allows Remote Code Execution. These are: TCP ports 135, 139, 445, and 593; and UDP ports 135, 137, 138, and 445. Furthermore the users were warned to carefully monitor all unsolicited inbound traffic coming in on ports greater than UDP/TCP port 1024.
Microsoft has confirmed the existence of the bug and is working on a new patch that will be released at an unknown date. So far, no official comment from Microsoft has been made.