A "zero-day" Windows exploit has been discovered as of yesterday. You can track the discovery and analysis of this on various security and Internet-operations websites. From our observations, this exploit can affect FULLY PATCHED servers, despite claims to the contrary by Microsoft. It was discovered on one of our hosting servers yesterday, which was fully patched (including update KB835732).

There are no current virus scanning signatures for this exploit (on the server side) so it must be manually discovered. We strongly suggest that owners of colocated Microsoft Windows servers take whatever precautions they can, as they become available. We also suggest that server owners read the above referenced web pages to learn how to spot the exploit, and disable it. Take this knowledge and closely search and monitor your systems, both here at digital.forest and on your local networks.

We are updating our intrusion detection systems to monitor for this exploit, but given that it is still unknown how this exploit gets onto servers we'll only be able to spot already infected machines. If we find them, the server owners will be notified.

Thank you for your cooperation and understanding.