PDA

View Full Version : another Critical remote code execution flaw in Windows RPC patched



stu120404
17-04-2004, 12:44 PM
From IDG Virus & Security Watch news letter. Date: Friday, 16 April , 2004

* Critical remote code execution flaw in Windows RPC patched

Recall the Blaster worm? (Where were you if you can't??)

It was terribly 'successful' because there were huge numbers of Windows users who did not have their machines sufficiently firewalled from the net and who had not updated with an RPC patch that had been available for several weeks. This is another patch for the same sub-system and, at least on the most common NT-based OSes, Windows 2000 and XP, and on Server 2003, it is rated as being of critical severity. There are four vulnerabilities fixed in this latest patch, but with one of providing remote code execution hole, the don't really matter.

Patch now or risk becoming a victim of a possible (perhaps even likely) future 'son of Blaster' worm!

Microsoft Security Bulletin MS04-012 (http://s0.tx.co.nz/at/tep34i45723a4j21755c292424s4t9n881431f1z)