Computing.Net > Forums > Security and Virus > Security Alert

Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free!

Security Alert

Reply to Message Icon
Original Message
Name: wawadave
Date: September 11, 2003 at 19:47:53 Pacific
Subject: Security Alert
OS: IBI (i built it) win 3.1-
CPU/Ram: 1.3 gig amd /512 ram
Comment:

Security Alert, September 11, 2003

Arbitrary Code Execution and Denial of Service in Microsoft RPCSS
eEye Digital Security, NSFOCUS Security Team, and Xue Yong Zhi and
Renaud Deraison from Tenable Network Security have discovered that
three new vulnerabilities exist in the part of the Remote Procedure
Call Subsystem (RPCSS) Service that deals with RPC messages for
Distributed COM (DCOM) activation. Two of these vulnerabilities could
allow arbitrary code execution on the vulnerable system. The third
vulnerability could result in a Denial of Service (DoS) condition.
Microsoft has released security bulletin MS03-039, "Buffer Overrun In
RPCSS Service Could Allow Code Execution (824146)," which addresses
these vulnerabilities, and recommends that affected users immediately
apply the appropriate patch listed in the bulletin. This patch
supercedes the patch listed in Microsoft Security Bulletin MS03-026.
http://www.secadministrator.com/Articles/Index.cfm?ArticleID=40255


Report Offensive Message For Removal


Response Number 1
Name: wawadave
Date: September 11, 2003 at 22:16:49 Pacific
Reply: (edit)

Critical Update for Microsoft Windows

New RPC flaw discovered and patched
http://www.microsoft.com/security/security_bulletins/ms03-039.asp

Microsoft has announced a patch for a serious security flaw affecting Microsoft Windows NT, Windows 2000, Windows XP, and Windows Server 2003.

This is a flaw very similar to the RPC flaw announced in July that led to the MSBlaster email worm, and it can lead to the exact same exploit. Be aware that even if you have installed the patch available in July, you still need to download and install this new patch.

The MSBlaster worm, which was released after someone published detailed instructions to a security mailing list showing how to exploit the previous RPC flaw, caused severe problems all across the internet. SpywareInfo asks all readers running effected versions of Windows to please install this patch as soon as possible.

Patch availability
You can download this patch at WindowsUpdates, or at one of the locations listed below.

Download locations for this patch
Windows NT Workstation 4.0
Windows NT Server 4.0
Windows NT Server 4.0, Terminal Server Edition
Windows 2000
Windows XP
Windows XP 64 bit Edition
Windows XP 64 bit Edition Version 2003
Windows Server 2003
Windows Server 2003 64 bit Edition


Report Offensive Follow Up For Removal







Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home





Specialty Forums
Security and Virus
General Hardware
CPUs/Overclocking
Networking
Digital Photo/Video
Office Software
PC Gaming
Console Gaming
Programming
Database
Web Development
Digital Home

The Lounge

Drivers
Driver Scan
Driver Forum

Software
Automatic Updates

BIOS Updates

My Computing.Net

Howtos
General Forums
Windows XP
Windows Vista
Windows 95/98
Windows Me
Windows NT
Windows 2000
Win Server 2008
Win Server 2003
Windows 3.1
Linux
PDAs
BeOS
Novell Netware
OpenVMS
Solaris
Disk Op. System
Unix
Mac
OS/2

Site Search

Message Find

Data Recovery

About


Do you own an iPhone?

Yes
No, but soon
No


View Results

Poll Finishes In 7 Days.
Discuss in The Lounge
Poll History


unsure of which cpu heatsink/fan

Discuss: Rise of iPhone?

IE cannot resolve web address

MYOB RetailManager & EFTPOS Machine

my pc will not trun on

All Awaiting Reply


Data Recovery Software