Go Back  PPRuNe Forums > Misc. Forums > Computer/Internet Issues & Troubleshooting
Reload this Page >

New Microsoft Security Vulnerability

Wikiposts
Search
Computer/Internet Issues & Troubleshooting Anyone with questions about the terribly complex world of computers or the internet should try here. NOT FOR REPORTING ISSUES WITH PPRuNe FORUMS! Please use the subforum "PPRuNe Problems or Queries."

New Microsoft Security Vulnerability

Thread Tools
 
Search this Thread
 
Old 11th Sep 2003, 18:01
  #1 (permalink)  
Thread Starter
 
Join Date: Mar 2002
Location: London, UK
Posts: 437
Likes: 0
Received 0 Likes on 0 Posts
Exclamation New Microsoft Security Vulnerability

It had to happen... there is a new Microsoft security vulnerability, again related to RPC, but different from the last vulnerability, which was responsible for the MSBlast and Nachi worms, and agin could result in a remote system compromise.

The full range of NT based products is affected:

Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server(r) 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003

Windows 95/8/ME are not affected.

More details for this vulnerability, and the download location for the patch, can be found here:
http://www.microsoft.com/technet/sec...n/MS03-039.asp

If you haven't already done so, you might want to consider blocking the ports used for Windows LAN services on your firewall, ie UDP ports 135, 137, 138, 445
and TCP ports 135, 139, 445, 593.

If you have just finished the process of patching for the previous
RPC vulnerability (MS03-026), you will need to go and do it all over again for this one

If you haven't yet patched for the previous RPC vulnerability, you can use the new patch as it includes the previous patch (MS03-026) as well as the new one.

RomeoTangoFoxtrotMike is offline  
Old 11th Sep 2003, 20:26
  #2 (permalink)  
BRL
 
Join Date: Oct 2000
Location: Brighton. UK. (Via Liverpool).
Posts: 5,068
Likes: 0
Received 0 Likes on 0 Posts
Thanks for the heads up mate. All done and dusted. Cheers.
BRL is offline  
Old 12th Sep 2003, 01:46
  #3 (permalink)  
The Oracle
 
Join Date: Aug 2001
Location: Naples, Florida U.S.A.
Posts: 2,902
Likes: 0
Received 0 Likes on 0 Posts
RomeoTangoFoxtrotMike,

Nice job!

Reading all the latest vulnerabilities being exploited, reinforces the need for Firewalls.

Anyone that does not have a firewall setup should think about getting one.

The best solution is a hardware firewall, especially for anyone with a broadband, always on, connection to the net. The money spent on a router is well worth it for the added security you get.

Take Care,

Richard
Naples Air Center, Inc. is offline  
Old 12th Sep 2003, 01:47
  #4 (permalink)  
Thread Starter
 
Join Date: Mar 2002
Location: London, UK
Posts: 437
Likes: 0
Received 0 Likes on 0 Posts
Richard,

Thank-you and you're welcome

I agree about the poor quality of software firewalls, at least the "general purpose" versions sold to go on general purpose computers.

I'm off for a well-earned beer now , having been grappling with the side-effects of this all day (more "political" than technical )

Will post a little something on the subject of firewalls later.

[ Edited, as our posts crossed ]
RomeoTangoFoxtrotMike is offline  
Old 12th Sep 2003, 03:23
  #5 (permalink)  
 
Join Date: Jun 2000
Location: Geriatrica, UK
Posts: 1,003
Likes: 0
Received 0 Likes on 0 Posts
RTFM, thanks.

Having already this week rebuilt Win 2000 on two desktops and three laptops I was a frequent visitor to the MS Update site and noticed the new Security Fix KB824146. So they are right on to it.

As to Richard's comment about Hardware vs Software Firewalls, I run ZoneAlarmPro behind the hardware firewall of my Router and wonder why I bother because the log never shows any activity.

Unless I'm taking a laptop on the road, of course, and then it's another matter.

On the LAN, ZAPro just makes a fuss about all the programs I want to run and during the "learning" phase keeps asking if its OK.

Still, best to humour it, I suppose. (Sorry about the spelling, Richard )
fobotcso is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.