Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Oct 2002
Posts: 364
C
Chem Offline OP
UGN News Staff
OP Offline
UGN News Staff
C
Joined: Oct 2002
Posts: 364
If you aren't aware of the latest Windows vulnerability detailed on July 16th: a bug in the RPC/DCOM service allows REMOTE ROOT ACCESS to your system. Exploits are already in the wild and I can pretty much guarantee it won't be long before a worm comes out that auto exploits this and causes a huge mess.

If you use Windows NT, 2000 or XP you are vulnerable. If you have a router or firewall, you likely cannot be exploited over the Internet but you should patch this all the same. The exploit can be delivered via port 135, 139 or 445 - these are all usually listening by default on Windows.

The current exploits are rather crude and usually result in RPC services crashing and the machine auto-rebooting - if you've seen a message informing you the system will auto-restart in 60 seconds or something similar, this is the exploit hitting your machine. If the attacker guessed your operating system correctly, they likely are already connected with full access to your system. You should install the patch ASAP and do an up to date virus scan and look for any suspicious programs running. It won't be long though before more sophisticated exploits take the form of worms that won't crash RPC services and attempt multiple times to gain access to your box.

You can get the patch from Microsoft here:
Windows NT 4.0 Server (or direct link )
Windows 2000 (or direct link )
Windows XP (or direct link )
of if you prefer, visit Windows Update and install all Critical Updates.

Microsoft TechNet Bulletin:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

To clarify: This bug can let an attacker run code on your system under the highest privileged account (SYSTEM) if your computer is connected directly to the Internet. Grab the patch now to avoid pain later.

Courtesy of: R1ch
Forwarded by: Chem


C++ Should Have Been Called "D"
Joined: Mar 2002
Posts: 197
P
Member
Offline
Member
P
Joined: Mar 2002
Posts: 197
From what i've seen and know, this exploit is beeing used a lot for the moment in the wild. Exploits are getting better as for example there is an universal exploit around, normally you would need for every windows version/language pack another "small piece of code" but this one fixes it.


Never argue with fools... They will only drag you down to their level, and beat you with experience...
Joined: Apr 2002
Posts: 212
Member
Offline
Member
Joined: Apr 2002
Posts: 212
on some of the boards I visit...it's MASS caos. Everybody is flippin out and stuff. It's f***ing hilarious.

Joined: Mar 2002
Posts: 1,273
DollarDNS Owner
Offline
DollarDNS Owner
Joined: Mar 2002
Posts: 1,273
microsoft and their exploits can kiss my router [censored].


Domain Registration, Hosting, Management
http://www.dollardns.net
Joined: Jun 2002
Posts: 62
Junior Member
Offline
Junior Member
Joined: Jun 2002
Posts: 62
i got hold of a exploit's code, it is simple and it works. it just shows just how vulnerable windows is. i tried it on a 2000 machine (one of mine!!) and it killed the rpc service but the machine never restarted. it just put me straight into the windows dir with full access. patch immediatly!


"Mrs. Jones, I'm sorry to inform you, but we've run the tests, and it appears that you have XP. Now don't cry - it's bad, but it's not a death sentence. Modern science has advanced in recent years, and it's now possible to live a reasonably happy life with XP. And there's a survivor's group that you'll want to meet as well."
Joined: Mar 2002
Posts: 536
Member
Offline
Member
Joined: Mar 2002
Posts: 536
[Linked Image]


"Hmm, they have the internet on computers now." - Homer Simpson
http://wired.promodtecnologies.com/

Link Copied to Clipboard
Member Spotlight
Posts: 43
Joined: November 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
unreal 1
Crime 1
Ice 1
Dartur 1
Powered by UBB.threads™ PHP Forum Software 7.7.5