Computing.Net > Forums > Security and Virus > Security Alert

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Security Alert

Reply to Message Icon

Name: wawadave
Date: September 11, 2003 at 19:47:53 Pacific
OS: IBI (i built it) win 3.1-
CPU/Ram: 1.3 gig amd /512 ram
Comment:

Security Alert, September 11, 2003

Arbitrary Code Execution and Denial of Service in Microsoft RPCSS
eEye Digital Security, NSFOCUS Security Team, and Xue Yong Zhi and
Renaud Deraison from Tenable Network Security have discovered that
three new vulnerabilities exist in the part of the Remote Procedure
Call Subsystem (RPCSS) Service that deals with RPC messages for
Distributed COM (DCOM) activation. Two of these vulnerabilities could
allow arbitrary code execution on the vulnerable system. The third
vulnerability could result in a Denial of Service (DoS) condition.
Microsoft has released security bulletin MS03-039, "Buffer Overrun In
RPCSS Service Could Allow Code Execution (824146)," which addresses
these vulnerabilities, and recommends that affected users immediately
apply the appropriate patch listed in the bulletin. This patch
supercedes the patch listed in Microsoft Security Bulletin MS03-026.
http://www.secadministrator.com/Articles/Index.cfm?ArticleID=40255



Sponsored Link
Ads by Google

Response Number 1
Name: wawadave
Date: September 11, 2003 at 22:16:49 Pacific
Reply:

Critical Update for Microsoft Windows

New RPC flaw discovered and patched
http://www.microsoft.com/security/security_bulletins/ms03-039.asp

Microsoft has announced a patch for a serious security flaw affecting Microsoft Windows NT, Windows 2000, Windows XP, and Windows Server 2003.

This is a flaw very similar to the RPC flaw announced in July that led to the MSBlaster email worm, and it can lead to the exact same exploit. Be aware that even if you have installed the patch available in July, you still need to download and install this new patch.

The MSBlaster worm, which was released after someone published detailed instructions to a security mailing list showing how to exploit the previous RPC flaw, caused severe problems all across the internet. SpywareInfo asks all readers running effected versions of Windows to please install this patch as soon as possible.

Patch availability
You can download this patch at WindowsUpdates, or at one of the locations listed below.

Download locations for this patch
Windows NT Workstation 4.0
Windows NT Server 4.0
Windows NT Server 4.0, Terminal Server Edition
Windows 2000
Windows XP
Windows XP 64 bit Edition
Windows XP 64 bit Edition Version 2003
Windows Server 2003
Windows Server 2003 64 bit Edition


0
Reply to Message Icon

Related Posts

See More







Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home


Sponsored links

Ads by Google


Results for: Security Alert

Security Alert www.computing.net/answers/security/security-alert/18899.html

Security Alert Popup annoyance www.computing.net/answers/security/security-alert-popup-annoyance/21336.html

Security Alert! www.computing.net/answers/security/security-alert/18933.html