electric sheep - news - Microsoft RPC hole could lead to DoS attacks

Microsoft RPC hole could lead to DoS attacks

	Remote Procedure Call (RPC) hacks seem to be flavour of the month. Only a week ago a major vulnerability was found in the Sun XPR RPC. Now one has been found in Windows 2000, XP and NT. The hole doesn't allow an attacker to gain control but it would effectively stop the machine working. Microsoft has released patches for Windows 2000 and XP. Windows NT users aren't so lucky. Microsoft claims that NT's architecture makes a patch for this impossible. The company says that blocking port 135 at your firewall will stop attackers from being able to use the exploit. That does leave a large question of what to do with NT servers which are actively executing RPCs. From the looks of the information on the Microsoft site, the only safe option would be to move to 2000 or XP. Full Article: TheInquirer

© Copyright 2000-2003 Electric Sheep Inc. All Rights Reserved (electricsheep.us) (esheep.org) (elektrik-sheep.com)