First reported in January, 2008, a bug in the Microsoft Small Business Server home-based product Windows Home Server continues to need patching.  Initially, this particular version had not been mentioned in the reports by Microsoft, who thought that only Microsoft Small Business Server was affected, but soon it became apparent that this product was also at risk.  

While the problems have been patched, Microsoft continues to look at design issues that created this problem in the first place as it prepares to create new products.  According to the notice, supported editions of Microsoft Small Business Server 2003 and Windows Home Server contained the same code as Windows Server 2003, which was the origin of the initial issue with the product.  This code combined with some default settings for Internet Group Management Protocol that are enabled unless settings are changed manually meant the product experienced some problems.  

Those that were taking advantage of the vulnerability could send malicious data packets to Microsoft Small Business Server users who would then be infected with malware or have their systems controlled by an outside user.  

Windows Home Server owners received the patch via update mechanism in January, but Microsoft continues to advise new and old users – even 7 months later – to make sure they are checking their Microsoft Small Business Server regularly for updates.

Added By:  Computer Consulting Kit