Windows Users: Important! Read This! - 08/03/03 12:33 AM
If you aren't aware of the latest Windows vulnerability detailed on July 16th: a bug in the RPC/DCOM service allows REMOTE ROOT ACCESS to your system. Exploits are already in the wild and I can pretty much guarantee it won't be long before a worm comes out that auto exploits this and causes a huge mess.
If you use Windows NT, 2000 or XP you are vulnerable. If you have a router or firewall, you likely cannot be exploited over the Internet but you should patch this all the same. The exploit can be delivered via port 135, 139 or 445 - these are all usually listening by default on Windows.
The current exploits are rather crude and usually result in RPC services crashing and the machine auto-rebooting - if you've seen a message informing you the system will auto-restart in 60 seconds or something similar, this is the exploit hitting your machine. If the attacker guessed your operating system correctly, they likely are already connected with full access to your system. You should install the patch ASAP and do an up to date virus scan and look for any suspicious programs running. It won't be long though before more sophisticated exploits take the form of worms that won't crash RPC services and attempt multiple times to gain access to your box.
You can get the patch from Microsoft here:
Windows NT 4.0 Server (or direct link )
Windows 2000 (or direct link )
Windows XP (or direct link )
of if you prefer, visit Windows Update and install all Critical Updates.
Microsoft TechNet Bulletin:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp
To clarify: This bug can let an attacker run code on your system under the highest privileged account (SYSTEM) if your computer is connected directly to the Internet. Grab the patch now to avoid pain later.
Courtesy of: R1ch
Forwarded by: Chem
If you use Windows NT, 2000 or XP you are vulnerable. If you have a router or firewall, you likely cannot be exploited over the Internet but you should patch this all the same. The exploit can be delivered via port 135, 139 or 445 - these are all usually listening by default on Windows.
The current exploits are rather crude and usually result in RPC services crashing and the machine auto-rebooting - if you've seen a message informing you the system will auto-restart in 60 seconds or something similar, this is the exploit hitting your machine. If the attacker guessed your operating system correctly, they likely are already connected with full access to your system. You should install the patch ASAP and do an up to date virus scan and look for any suspicious programs running. It won't be long though before more sophisticated exploits take the form of worms that won't crash RPC services and attempt multiple times to gain access to your box.
You can get the patch from Microsoft here:
Windows NT 4.0 Server (or direct link )
Windows 2000 (or direct link )
Windows XP (or direct link )
of if you prefer, visit Windows Update and install all Critical Updates.
Microsoft TechNet Bulletin:
http:/
To clarify: This bug can let an attacker run code on your system under the highest privileged account (SYSTEM) if your computer is connected directly to the Internet. Grab the patch now to avoid pain later.
Courtesy of: R1ch
Forwarded by: Chem
![[Linked Image]](http://wired.promodtecnologies.com/Pictures/image.GIF)