Mail Archive sponsored by Chazzanut Online

jewish-music

Critical Flaw Leaves Windows Server 2003 Vulnerable



Friends --

This is definitely NOT a hoax, as you can see from the source of the 
information. I have already experienced this little "bug"
in Windows XP (Thanks Bill Gates, you jerk) and it's a pain in the neck.
Act as you will but I am downloading the patches even as you read this.

Best,
George
http://www.eweek.com/article2/0,3959,1195707,00.asp

-- 
For I bless God in the libraries of the learned
and for all the booksellers in the world. 
                --Christopher Smart; "Jubilate Agno"



    July 16, 2003
    Critical Flaw Leaves Windows Server 2003 Vulnerable

    Microsoft Corp. has issued a patch for the first serious vulnerability to be found in the Windows Server 2003 software, which company officials have said is their most secure OS yet.

    Although this is actually the fourth flaw to affect Windows 2003, it is the first one to be rated critical. The others were rated moderate risks because they didn't affect default configurations of the software.

    This vulnerability is found in a portion of the Remote Procedure Call (RPC) protocol that handles message exchanges over TCP/IP. The vulnerability, which arises because of incorrect handling of error messages, affects a particular Distributed Component Object Model interface with RPC.

    The interface handles DCOM object activation requests sent by client machines to the server, Microsoft said in its bulletin. A successful exploitation of this flaw would give an attacker the ability to run code with local system privileges on the compromised machine. This would give the attacker complete control of the system.

    In addition to applying the patch for this vulnerability, Microsoft officials recommend that customers block TCP port 135, the port on which RPC listens.

    Company officials said they believe they have identified the procedural breakdown that allowed this vulnerability to creep into Windows Server 2003.

    "Our failure to find and fix this in the security push is a process issue. We're updating our automated code scanning tool to find this problem," said Jeff Jones, senior director of marketing for Trustworthy Computing at Microsoft in Redmond, Wash. "Our target was to have zero vulnerabilities [in Windows Server 2003], but realistically we knew it was coming at some point."

    The patch for this flaw, which also affects Windows NT 4.0, 2000 and XP, is located here.

    Microsoft also issued patches for two other vulnerabilities on Wednesday. The first is a flaw in the Windows shell in Windows XP that allows an attacker to run code on vulnerable machines. The problem is in a function used by the shell to extract custom attribute information from certain folders. That patch is here.

    The final vulnerability is in the Internet Security and Acceleration server, Microsoft's firewall software. There is a cross-site scripting flaw in many of the error pages the ISA server generates. Exploiting this weakness would give an attacker the ability to execute code on the user's machine. The patch for this flaw is located here.

         

