Tech Alert Briefing for 9/11/2003
Patch Issued for Serious Windows Flaws
Microsoft released a new patch to fix what it calls a critical vulnerability in it's Remote Procedure Call (RPC) service that couldallow an attacker to take over a user's system and potentially launch a Denial of Service (DoS) attack.
The vulnerability is serious and experts are predicting that virus writers will soon release a new worm to exploit unpatched systems.The vulnerabilities are similar in severity to those that produced the LovSan/Blaster worm that innudated networks worldwide with massive amounts of spam mail.
Microsoft is urging individual users and network administrators to immediately patch their systems or put into place workarounds until all patches can be made.
Some of the workarounds include:
- Blocking UDP ports 135, 137, 138 and 445 at the firewall;
- Blocking TCP ports 135, 139, 445 and 593 at the firewall;
- Disabling DCOM services;
- Disabling RPC over HTTP, which listens on ports 80 and 443;
- Disabling COM Internet Services
In addition to the patch and several workarounds, Microsoft has also released a network scanning tool to find systems that don't have the patch installed.
Read Microsoft's Security Bulletin and get the patch here.
Additional warnings from Homeland Security
Previous Tech Alerts
First published on 09/10/2003