Microsoft Identifies, Patches Another Critical RPC Hole

Dynamoo writes "Microsoft have another critical vulnerability in the Windows NT/2000/XP/2003 line of OSes, allowing a remote attacker to run arbitrary code. In other words, this probably carries about the same risk as the well-documented RPC hole exploited by MSBlaster and Nachi. A Knowledgebase article is also available. Given the experience of the RPC exploit, this probably gives administrators a couple of weeks to patch all the systems in their organisations. Again. Shucks, we haven't even finished patching the RPC flaw yet." You might want to keep your laptop's batteries charged; this NewsForge article suggests that the Blaster worm may have played a role in the August 14th blackout affecting the eastern U.S. Update: 09/10 20:41 GMT by T : Reader AcquaCow suggests that administrators with multiple machines to patch visit Microsoft's Software Update Services (whitepaper), a tool for "managing and distributing critical Windows patches."

Microsoft is not finding these holes

Trusworthy computing is NOT working. MS has the source code, but other people are finding the holes. This is a major problem. This would be ok if MS was finding the holes...they are supposedly looking hard for them. Hmmmm....lip service I guess.

Re:Todays /. Summary

[Henry+V+.009]

Amazing. You got away with "thieving gypsies." Good thing that they are not an 'approved' victim group. You know enough to aviod such terms as "greedy Jews" or "lazy Negros" because that would be wrong. With Gypsies it is all in good fun.

Re:Todays /. Summary

[micromoog]

Interesting corollary: using the verb "to gyp" is, strictly speaking, racist, given its roots.

Re:Fine journalism

[1010011010]

the [network traffic caused by the latest Windows-only] worm crashed a Unix server.

Wow. Windows can crash other operating systems, in addition to itself. Sweet.