MS06-040: Be On the LookOut - A WORM IS IMMINENT (Mon, Aug 14th)

If you haven't patched your Windows machine to fix the August vulnerabilities, better get to it now.  Network scanning for the Server Service vulnerability is picking up, and it is now a matter of days or hours before a worm is distributed.

Here is what security experts are advising in relation to the MS06-040 / Server Service vulnerability:

---- Identify PCs vulnerable to attack by running the free scanning tool offered by eEye Digital Security. The tool, which comes in two versions -- one capable of scanning 16 machines simultaneously, the other up to 256 computers -- can be downloaded free of charge from the eEye site.

---- Patch all vulnerable systems using Microsoft-based mechanisms -- including Windows Update and Windows Server Update Services (WSUS) -- or third-party patch managers such as Shavlik's HFNetChkPro, Patchlink's PatchLink Update, and BigFix Enterprise Suite Patch Management. Those manually downloading the patch will find it here.

---- If administrators or users are unable to patch, Microsoft recommended that they block TCP ports 139 and 445 at the firewall.

---- Additionally, Microsoft told users that they could defend unpatched systems by barring any unsolicited inbound traffic, or blocking the affected ports by applying Internet Protocol security (IPsec).
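
A check a defender can run once the port block is in place, as an added example that is not part of the original post: it reads a firewall log in the Windows Firewall (pfirewall.log) field layout, lists sources whose dropped probes to TCP 139/445 reached several inside hosts, and flags any such connection that was not dropped. The sample log, the 10.0.0.0/24 inside range, the threshold and the function name are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

SMB_PORTS = {"139", "445"}  # the TCP ports the advisory says to block

# Constructed sample in the Windows Firewall log (pfirewall.log) layout.
# Addresses come from documentation and private ranges, not real traffic.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info
2006-08-14 09:01:02 DROP TCP 198.51.100.7 10.0.0.5 4312 445 48 S 1 0 65535 - - -
2006-08-14 09:01:02 DROP TCP 198.51.100.7 10.0.0.6 4313 445 48 S 1 0 65535 - - -
2006-08-14 09:01:03 DROP TCP 198.51.100.7 10.0.0.7 4314 445 48 S 1 0 65535 - - -
2006-08-14 09:01:03 DROP TCP 198.51.100.7 10.0.0.5 4315 139 48 S 1 0 65535 - - -
2006-08-14 09:04:40 DROP TCP 203.0.113.9 10.0.0.5 2201 445 48 S 1 0 65535 - - -
2006-08-14 09:07:11 OPEN TCP 192.0.2.44 10.0.0.8 3350 445 - - - - - - - -
2006-08-14 09:08:00 DROP TCP 203.0.113.9 10.0.0.5 2202 80 48 S 1 0 65535 - - -
"""

def review_smb_traffic(log_text, inside="10.0.0.0/24", scan_threshold=3):
    """Return (scanners, unblocked) for TCP 139/445 records aimed at `inside`.

    scanners: sources whose dropped probes hit >= scan_threshold distinct hosts.
    unblocked: records with any action other than DROP (the block did not stop them).
    """
    net = ipaddress.ip_network(inside)
    fields, probed, unblocked = [], defaultdict(set), []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names come from the log itself
            continue
        parts = line.split()
        if line.startswith("#") or not fields or len(parts) != len(fields):
            continue                       # header, blank or malformed line
        rec = dict(zip(fields, parts))
        if rec.get("protocol") != "TCP" or rec.get("dst-port") not in SMB_PORTS:
            continue
        try:
            if ipaddress.ip_address(rec.get("dst-ip", "")) not in net:
                continue                   # outbound or unrelated destination
        except ValueError:
            continue                       # unparseable address field
        if rec.get("action") == "DROP":
            probed[rec["src-ip"]].add(rec["dst-ip"])
        else:
            unblocked.append((rec["src-ip"], rec["dst-ip"], rec["dst-port"]))
    scanners = {s: sorted(d) for s, d in probed.items() if len(d) >= scan_threshold}
    return scanners, unblocked
```

Any entry in `unblocked` points to a host or rule where the 139/445 block is not in effect and the patch status needs checking first.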

"Hacker activity has been light for the MS06-040 exploitation to date," said iDefense's Dunham, "but will likely increase with the advent of this coming weekend. Networks should be diligent to patch all Internet facing computers for MS06-040 ASAP."

To read about increased network scanning, follow the link below:

MS06-040: BOLO -- Be On the LookOut, (Mon, Aug 14th) - Over the weekend there was a botnet doing fairly wide scale scanning for hosts a ...(more)... [SANS Internet Storm Center]

Submitted by cybernoggin on Sun, 08/13/2006 - 11:08pm.