Roadblock
09-10-2003, 11:08 PM
Source: C|Net News (http://news.com.com/2100-1009_3-5074008.html?tag=fd_top)
Author: Michael Kanellos (mailto:michaelk@cnet.com)
"Update - Microsoft identified three vulnerabilities in Windows on Wednesday that could have a similar effect to that of the dreaded MSBlast worm of August.
The flaws, which affect Windows NT 4.0, Windows 2000, Windows Server 2003, Windows XP and the 64-bit versions of Windows XP, are the latest in a string of critical weaknesses identified in Windows recently. The company has issued a patch that can be downloaded from its Web site.
The first two flaws are buffer overruns, which allow a hacker to take over a computer by swamping it with data.
The third is a denial-of-service flaw that affects a component known as the remote procedure call (RPC) process. The RPC process facilitates activities such as sharing files and allowing others to use a computer's printer. By sending too much data to the RPC process, an attacker can cause the system to grant full access to its resources. By using the flaws in tandem, a hacker could load unwanted programs onto computers through the buffer overrun flaws and then use the infected computers to launch a denial-of-service attack."
Read Full Article Here (http://news.com.com/2100-1009_3-5074008.html?tag=fd_top)
Get Patch Here (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp)
Author: Michael Kanellos (mailto:michaelk@cnet.com)
"Update - Microsoft identified three vulnerabilities in Windows on Wednesday that could have a similar effect to that of the dreaded MSBlast worm of August.
The flaws, which affect Windows NT 4.0, Windows 2000, Windows Server 2003, Windows XP and the 64-bit versions of Windows XP, are the latest in a string of critical weaknesses identified in Windows recently. The company has issued a patch that can be downloaded from its Web site.
The first two flaws are buffer overruns, which allow a hacker to take over a computer by swamping it with data.
The third is a denial-of-service flaw that affects a component known as the remote procedure call (RPC) process. The RPC process facilitates activities such as sharing files and allowing others to use a computer's printer. By sending too much data to the RPC process, an attacker can cause the system to grant full access to its resources. By using the flaws in tandem, a hacker could load unwanted programs onto computers through the buffer overrun flaws and then use the infected computers to launch a denial-of-service attack."
Read Full Article Here (http://news.com.com/2100-1009_3-5074008.html?tag=fd_top)
Get Patch Here (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp)