Microsoft’s RPC Implementation

This comes out the newsletter of SANS:
It seems the final nail potentially has been placed into the coffin of Windows NT. Last week, Microsoft released security bulletin MS03-010, which details how anyone with access to port 135 can crash the RPC endmapper service, thereby taking down all RCP functionality and some COM functionality, too. According to Microsoft, the Windows NT architecture has proven unable to accommodate a fix; thus, Windows NT systems are just going to have to go on being vulnerable, indefinitely. This leaves a large threat to internal Windows NT systems, particularly older domain controllers and WINS servers that have not been migrated to Windows 2000 or later. Let’s just hope the next big Internet worm that manages to slither into private networks doesn’t tickle this vulnerability, since there’s no way to defend against it.




%d bloggers like this:

On this website we use first or third-party tools that store small files (cookie) on your device. Cookies are normally used to allow the site to run properly (technical cookies), to generate navigation usage reports (statistics cookies) and to suitable advertise our services/products (profiling cookies). We can directly use technical cookies, but you have the right to choose whether or not to enable statistical and profiling cookies. Enabling these cookies, you help us to offer you a better experience.