Microsoft's RPC Implementation

This comes out the newsletter of SANS:
It seems the final nail potentially has been placed into the coffin of Windows NT. Last week, Microsoft released security bulletin MS03-010, which details how anyone with access to port 135 can crash the RPC endmapper service, thereby taking down all RCP functionality and some COM functionality, too. According to Microsoft, the Windows NT architecture has proven unable to accommodate a fix; thus, Windows NT systems are just going to have to go on being vulnerable, indefinitely. This leaves a large threat to internal Windows NT systems, particularly older domain controllers and WINS servers that have not been migrated to Windows 2000 or later. Let's just hope the next big Internet worm that manages to slither into private networks doesn't tickle this vulnerability, since there's no way to defend against it.




%d bloggers like this: