Threat Level: green Handler on Duty: Russ McRee

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2003-09-10 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft RPCSS Vulnerability

Published: 2003-09-10
Last Updated: 2003-09-11 03:40:59 UTC
by Handlers (Version: 1)
0 comment(s)

Update: MS03-039 Briefing for senior IT managers

PDF: http://isc.sans.org/presentations/MS03-039.pdf

Power Point: http://isc.sans.org/presentations/MS03-039.ppt

In response to todays announcement of a new Microsoft Windows RPC vulnerability, we
raised the 'Infocon' to 'yellow' in order to alert users of the urgency to patch,
and to point out that this is a new issue not covered by any of the prior RPC
patches.
Microsoft released a new RPC related advisory (MS003-039). This advisory discloses
a buffer overrun condition in the RPCSS service. This issue is not fixed by any
patch applied to remedy the RPC DCOM vulnerability.

For details, see:

http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-039.asp

Keywords:
0 comment(s)
Diary Archives