RomeoTangoFoxtrotMike
11th Sep 2003, 18:01
It had to happen... there is a new Microsoft security vulnerability, again related to RPC, but different from the last vulnerability, which was responsible for the MSBlast and Nachi worms, and agin could result in a remote system compromise.
The full range of NT based products is affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server(r) 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Windows 95/8/ME are not affected.
More details for this vulnerability, and the download location for the patch, can be found here:
http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
If you haven't already done so, you might want to consider blocking the ports used for Windows LAN services on your firewall, ie UDP ports 135, 137, 138, 445
and TCP ports 135, 139, 445, 593.
If you have just finished the process of patching for the previous
RPC vulnerability (MS03-026), you will need to go and do it all over again for this one :uhoh:
If you haven't yet patched for the previous RPC vulnerability, you can use the new patch as it includes the previous patch (MS03-026) as well as the new one.
:mad:
The full range of NT based products is affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server(r) 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Windows 95/8/ME are not affected.
More details for this vulnerability, and the download location for the patch, can be found here:
http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
If you haven't already done so, you might want to consider blocking the ports used for Windows LAN services on your firewall, ie UDP ports 135, 137, 138, 445
and TCP ports 135, 139, 445, 593.
If you have just finished the process of patching for the previous
RPC vulnerability (MS03-026), you will need to go and do it all over again for this one :uhoh:
If you haven't yet patched for the previous RPC vulnerability, you can use the new patch as it includes the previous patch (MS03-026) as well as the new one.
:mad: