Windows Vulnerabilities Revealed, Patched

Saint Aardvark writes "A big MS Windows remote vulnerability has just hit BugTraq. It concerns a buffer overflow in MS' DCOM, and affects Win2k through Server 2003; here's the security advisory from Microsoft. This is in addition to an earlier vulnerability concerning conversion from HTML to RTF - there's a separate security advisory from Microsoft for this one, and it affects Win98 and NT 4.0 through Server 2003. Patch early, patch often." There's also a CNET News story with a little more explanation on the newest vulnerability.

winnuke all over again!

[sporty]

The vulnerability results because the Windows RPC service does not properly check message inputs under certain circumstances. This particular failure affects an underlying Distributed Component Object Model (DCOM) interface, which listens on TCP/IP port 135.

Sounds like we'll haev winnuke2003 sometime soon. :)

<disclaimer>I know that winnuke uses OOB data vs this which does something on the application layer. :P</disclaimer>

Re:Bad One?

[FLoWCTRL]

Yes... and there are probably lots of exploits that never get published, just used. Now do you want your government relying on this software to store data such as the Total Information Awareness Program, for example? (Oh, I see they renamed it...)

Would you want your business to rely on it? I find it utterly astounding that so many PHB's still think its a good idea. A German beaurocrat who was pitching open source insightfully quipped, "'Security through obscurity' is the model of yesterday. The model of the future is 'Security through transparency'". Thats a paraphrase, and I'm too lazy to look it up. Great point, though. Maybe this new vulnerability will lead to another "slammer" worm...