- Recommend:
- 0 Comments
Windows Flaw Could Allow Attacks
XP, NT, and 2000 systems may be vulnerable to denial-of-service attacks.
A security bug in a network function of Windows NT 4, 2000, and XP can expose computers running those operating systems to a denial-of-service attack, Microsoft warned.
The flaw lies in Microsoft's implementation of a protocol called RPC, or Remote Procedure Call, that allows applications on a computer to call applications on another computer in a network.
An attack on the RPC service could cause the networking services on the system to fail, Microsoft said in security bulletin MS03-010 Wednesday.
An attack would be carried out by sending a malformed request to the RPC endpoint mapper, a service that holds connection information on all RPC processes on that machine.
Inside Access
The mapper listens on TCP/IP port 135, generally accessible from within a company network, but typically blocked for external traffic by a firewall, mitigating the risk of an attack from the Internet, Microsoft said.
A patch to fix the problem is available for Windows 2000 and Windows XP, but there is no patch for Windows NT 4.0 because of major changes in the RPC software since the release of Windows NT 4.0, according to Microsoft.
Windows NT 4.0 users should install a firewall and filter traffic on port 135, the vendor said.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
- Microsoft Rushes Unscheduled Patch for Shortcut Flaw
- Nsauditor Network Security Auditor
- Bugs and Fixes: Do Not Ignore Megapatch for Windows
- Microsoft Unleashes Critical Update for Windows Server
- Windows XP: Pros and Cons of Not Upgrading
- Microsoft to Windows XP: Please Die, Already
- Hacktivism Trumps Money as Motivation for Denial-of-Service Attacks
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
















