Another Critical Security flaw found in Microsoft Windows operating systems!
This question was answered on July 19, 2003. Much of the information contained herein may have changed since posting.
Once again Microsoft users are affected by a new vulnerability that has been found this week
Microsoft OS's (NT, XP, 2k & 2003 Server) were warned this week of a buffer overrun in the RPC (Remote Procedure Call) interface that may allow malicious code to be executed RPC is a protocol used by the Windows operating system that provides an inter-process communication
mechanism that allows a program running on one computer to seamlessly execute code on a remote system The protocol itself is derived from the OSF (Open Software Foundation) RPC protocol, but with the addition of some Microsoft specific extensions
To exploit this ulnerability, the attacker would require the ability to send a specially crafted request to port 135 on the remote machine Microsoft encourages all customers to review the Security Bulletins to keep optimal security The risk is considered ‘critical’ which is the highest security breach they have
Download locations for this patch:
The patches for all Windows systems are available via:
The complete technical details are posted at the Microsoft web site:
About the author
Posted by Michal of Data Doctors on July 19, 2003