Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#37319 - 08/03/03 12:33 AM Windows Users: Important! Read This!  
Joined: Oct 2002
Posts: 364
Chem Offline
UGN News Staff
Chem  Offline
UGN News Staff

Joined: Oct 2002
Posts: 364
Vagabond (Location Differs)
If you aren't aware of the latest Windows vulnerability detailed on July 16th: a bug in the RPC/DCOM service allows REMOTE ROOT ACCESS to your system. Exploits are already in the wild and I can pretty much guarantee it won't be long before a worm comes out that auto exploits this and causes a huge mess.

If you use Windows NT, 2000 or XP you are vulnerable. If you have a router or firewall, you likely cannot be exploited over the Internet but you should patch this all the same. The exploit can be delivered via port 135, 139 or 445 - these are all usually listening by default on Windows.

The current exploits are rather crude and usually result in RPC services crashing and the machine auto-rebooting - if you've seen a message informing you the system will auto-restart in 60 seconds or something similar, this is the exploit hitting your machine. If the attacker guessed your operating system correctly, they likely are already connected with full access to your system. You should install the patch ASAP and do an up to date virus scan and look for any suspicious programs running. It won't be long though before more sophisticated exploits take the form of worms that won't crash RPC services and attempt multiple times to gain access to your box.

You can get the patch from Microsoft here:
Windows NT 4.0 Server (or direct link )
Windows 2000 (or direct link )
Windows XP (or direct link )
of if you prefer, visit Windows Update and install all Critical Updates.

Microsoft TechNet Bulletin:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

To clarify: This bug can let an attacker run code on your system under the highest privileged account (SYSTEM) if your computer is connected directly to the Internet. Grab the patch now to avoid pain later.

Courtesy of: R1ch
Forwarded by: Chem


C++ Should Have Been Called "D"
Sponsored Links
#37320 - 08/03/03 01:00 AM Re: Windows Users: Important! Read This!  
Joined: Mar 2002
Posts: 197
Predator Offline
Member
Predator  Offline
Member

Joined: Mar 2002
Posts: 197
Belgium
From what i've seen and know, this exploit is beeing used a lot for the moment in the wild. Exploits are getting better as for example there is an universal exploit around, normally you would need for every windows version/language pack another "small piece of code" but this one fixes it.


Never argue with fools... They will only drag you down to their level, and beat you with experience...
#37321 - 08/12/03 01:18 AM Re: Windows Users: Important! Read This!  
Joined: Apr 2002
Posts: 212
Rapture Offline
Member
Rapture  Offline
Member

Joined: Apr 2002
Posts: 212
Redwood
on some of the boards I visit...it's MASS caos. Everybody is flippin out and stuff. It's f***ing hilarious.

#37322 - 08/12/03 01:58 AM Re: Windows Users: Important! Read This!  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
SilentRage  Offline
DollarDNS Owner

Joined: Mar 2002
Posts: 1,273
OH, USA
microsoft and their exploits can kiss my router ass.


Domain Registration, Hosting, Management
http://www.dollardns.net
#37323 - 08/12/03 02:52 AM Re: Windows Users: Important! Read This!  
Joined: Jun 2002
Posts: 62
UndeadBob Offline
Junior Member
UndeadBob  Offline
Junior Member

Joined: Jun 2002
Posts: 62
UK
i got hold of a exploit's code, it is simple and it works. it just shows just how vulnerable windows is. i tried it on a 2000 machine (one of mine!!) and it killed the rpc service but the machine never restarted. it just put me straight into the windows dir with full access. patch immediatly!


"Mrs. Jones, I'm sorry to inform you, but we've run the tests, and it appears that you have XP. Now don't cry - it's bad, but it's not a death sentence. Modern science has advanced in recent years, and it's now possible to live a reasonably happy life with XP. And there's a survivor's group that you'll want to meet as well."
Sponsored Links
#37324 - 08/12/03 10:00 PM Re: Windows Users: Important! Read This!  
Joined: Mar 2002
Posts: 536
Deviation187 Offline
Member
Deviation187  Offline
Member

Joined: Mar 2002
Posts: 536
L.A Cal.


"Hmm, they have the internet on computers now." - Homer Simpson
http://wired.promodtecnologies.com/

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,514
Posts82,684
Average Daily Posts8
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,678
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)