RPC Vulnerability Info Here

Discussion in 'NZ Computing' started by PseUDO, Aug 12, 2003.

  1. PseUDO

    PseUDO Guest

    From Neowin's website:

    Tonight another round of internet shutdowns has resulted in worried and
    confused users of Windows 2000/XP and Windows Server 2003.

    Please remember to patch your system and check to make sure your firewall is
    blocking any kind of attack to any of your systems.

    W32.Blaster.Worm is a worm that will exploit the DCOM RPC
    vulnerability(described in Microsoft Security Bulletin MS03-026) using TCP
    port 135. It will attempt to download and run a file, msblast.exe.

    User's should block access to TCP port 4444 at the firewall level. User's
    should also block the following ports, if they do not use applicaitons
    listed:

    TCP Port 135, "DCOM RPC"
    UDP Port 69, "TFTP"

    ````````````````

    From Symantec's website:

    Based on the number of submissions received from customers and based on
    information from the Symantec's Deepsight Threat Management System, Symantec
    Security Response has upgraded this threat to a Category 4 from a Category 3
    threat.

    W32.Blaster.Worm is a worm that will exploit the DCOM RPC vulnerability
    (described in Microsoft Security Bulletin MS03-026) using TCP port 135. This
    worm will attempt to download and run the Msblast.exe file.

    Block access to TCP port 4444 at the firewall level, and then block the
    following ports, if they do not use the applications listed:


    a.. TCP Port 135, "DCOM RPC"
    b.. UDP Port 69, "TFTP"
    The worm also attempts to perform a Denial of Service (DoS) on
    windowsupdate.com. This is an attempt to prevent you from applying a patch
    on your computer against the DCOM RPC vulnerability.

    http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

    W32.Blaster.Worm Removal Tool

    If your infected use removal tool to remove infection , then apply
    Microsofts patch IMEDIATELY from here

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

    PseUDO
     
    PseUDO, Aug 12, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?d2VsbHNpZQ==?=

    Can't Print Due to "RPC Server Unavailable"

    =?Utf-8?B?d2VsbHNpZQ==?=, Nov 3, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    4,475
    =?Utf-8?B?d2VsbHNpZQ==?=
    Nov 3, 2005
  2. Andrey Tarasov
    Replies:
    0
    Views:
    599
    Andrey Tarasov
    Jan 17, 2004
  3. =?Utf-8?B?UmFt?=

    RPC Error

    =?Utf-8?B?UmFt?=, Mar 27, 2005, in forum: MCSE
    Replies:
    3
    Views:
    2,950
    =?Utf-8?B?UmFt?=
    Apr 1, 2005
  4. Mcploppy ©

    More info on RPC from BT Openworld support

    Mcploppy ©, Aug 11, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    433
    Mcploppy ©
    Aug 11, 2003
  5. Boomer

    Re: RPC vulnerability for 9x/ME, too.

    Boomer, Aug 14, 2003, in forum: Computer Support
    Replies:
    24
    Views:
    689
    Monsignor Larville Jones MD
    Aug 18, 2003
Loading...

Share This Page