posted by _Steve_ on 17-Jul-2003 20:51:48 (2364 reads)
Microsoft yesterday warned of a critical flaw affecting all versions of its operating systems bar Windows 98 and ME.
The critical vulnerability opens the way for crackers to run malicious code and take over vulnerable machines. The flaw affects Windows NT 4, NT 4 Terminal Edition, Win 2000, XP and Win 2003 (irrespective of any service pack applied). Redmond has issued a fix, which users are strongly urged to review.
RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on a remote system
Because of an implementation error in a function responsible for instantiation of DCOM objects, remote attackers can obtain remote access to vulnerable systems.
By sending specially crafted message to the TCP port 135 of vulnerable Windows system, an attacker can exploit the vulnerability and execute any code with system privileges. On intranets access to this port can easily be blocked by a properly configured firewall, but that still leaves enormous scope for mischief.