UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
September
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
Sponsored Links
Latest Postings
The History Thread...
by Gremelin
09/18/14 09:42 AM
Doom 3
by Cyrez
09/11/14 08:58 PM
Latest Reviews
Topic Options
Rate This Topic
#37319 - 08/02/03 05:33 PM Windows Users: Important! Read This!
Chem Offline
UGN News Staff

Registered: 10/13/02
Posts: 364
Loc: Vagabond (Location Differs)
If you aren't aware of the latest Windows vulnerability detailed on July 16th: a bug in the RPC/DCOM service allows REMOTE ROOT ACCESS to your system. Exploits are already in the wild and I can pretty much guarantee it won't be long before a worm comes out that auto exploits this and causes a huge mess.

If you use Windows NT, 2000 or XP you are vulnerable. If you have a router or firewall, you likely cannot be exploited over the Internet but you should patch this all the same. The exploit can be delivered via port 135, 139 or 445 - these are all usually listening by default on Windows.

The current exploits are rather crude and usually result in RPC services crashing and the machine auto-rebooting - if you've seen a message informing you the system will auto-restart in 60 seconds or something similar, this is the exploit hitting your machine. If the attacker guessed your operating system correctly, they likely are already connected with full access to your system. You should install the patch ASAP and do an up to date virus scan and look for any suspicious programs running. It won't be long though before more sophisticated exploits take the form of worms that won't crash RPC services and attempt multiple times to gain access to your box.

You can get the patch from Microsoft here:
Windows NT 4.0 Server (or direct link )
Windows 2000 (or direct link )
Windows XP (or direct link )
of if you prefer, visit Windows Update and install all Critical Updates.

Microsoft TechNet Bulletin:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

To clarify: This bug can let an attacker run code on your system under the highest privileged account (SYSTEM) if your computer is connected directly to the Internet. Grab the patch now to avoid pain later.

Courtesy of: R1ch
Forwarded by: Chem
_________________________
C++ Should Have Been Called "D"

Top
Sponsored Links
      
#37320 - 08/02/03 06:00 PM Re: Windows Users: Important! Read This!
Predator Offline
Member

Registered: 03/01/02
Posts: 197
Loc: Belgium
From what i've seen and know, this exploit is beeing used a lot for the moment in the wild. Exploits are getting better as for example there is an universal exploit around, normally you would need for every windows version/language pack another "small piece of code" but this one fixes it.
_________________________
Never argue with fools... They will only drag you down to their level, and beat you with experience...

Top
#37321 - 08/11/03 06:18 PM Re: Windows Users: Important! Read This!
Rapture Offline
Member

Registered: 04/23/02
Posts: 212
Loc: Redwood
on some of the boards I visit...it's MASS caos. Everybody is flippin out and stuff. It's f***ing hilarious.

Top
#37322 - 08/11/03 06:58 PM Re: Windows Users: Important! Read This!
SilentRage Offline
DollarDNS Owner

Registered: 03/04/02
Posts: 1273
Loc: OH, USA
microsoft and their exploits can kiss my router ass.
_________________________
Domain Registration, Hosting, Management
http://www.dollardns.net

Top
#37323 - 08/11/03 07:52 PM Re: Windows Users: Important! Read This!
UndeadBob Offline
Junior Member

Registered: 06/11/02
Posts: 62
Loc: UK
i got hold of a exploit's code, it is simple and it works. it just shows just how vulnerable windows is. i tried it on a 2000 machine (one of mine!!) and it killed the rpc service but the machine never restarted. it just put me straight into the windows dir with full access. patch immediatly!
_________________________
"Mrs. Jones, I'm sorry to inform you, but we've run the tests, and it appears that you have XP. Now don't cry - it's bad, but it's not a death sentence. Modern science has advanced in recent years, and it's now possible to live a reasonably happy life with XP. And there's a survivor's group that you'll want to meet as well."

Top
#37324 - 08/12/03 03:00 PM Re: Windows Users: Important! Read This!
Deviation187 Offline
Member

Registered: 03/26/02
Posts: 536
Loc: L.A Cal.
_________________________
"Hmm, they have the internet on computers now." - Homer Simpson
http://wired.promodtecnologies.com/

Top

Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2148 Members
46 Forums
34532 Topics
69702 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 27694
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Tim050, Gecko666, defghi795767, Devo60, ali
2148 Registered Users
Who's Online
0 registered (), 376 Guests and 291 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!