Security experts today called for Windows users to immediately patch one of the 26 vulnerabilities Microsoft disclosed two days ago. SANS’ Internet Storm Center (ISC) raised its threat level to Yellow as a signal of the seriousness of the bug, which is now being actively used in “Internet wide” scans to crash Windows systems. Among the more recent incidents that triggered a Yellow alert from the ISC was last year’s Heartbleed vulnerability
“We are seeing active exploits hitting our honeypots,” SANS said in a warning on its website.Microsoft released a patch for the now-exploited vulnerability on Tuesday as part of its monthly security slate. The update, designated MS15-034, was rated “critical,” Microsoft’s most serious threat level. Windows 7, Windows 8, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2 are affected by the flaw, Microsoft said.