lsvtec
GNU/Linux Evangelist
Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)
Originally posted: September 10, 2003
Summary
Who should read this bulletin: Users running Microsoft ? Windows ?
Impact of vulnerability: Run code of attacker?s choice
Maximum Severity Rating: Critical
Recommendation: System administrators should apply the security
patch immediately
End User Bulletin:
An end user version of this bulletin is available at:
http://www.microsoft.com/security/security...ns/ms03-039.asp.
Protect your PC:
Additional information on how you can help protect your PC is
available at the following locations:
End Users can visit http://www.microsoft.com/protect
IT Professionals can visit
http://www.microsoft.com/technet/security/...ps/pcprotec.asp
Affected Software:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server? 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
http://www.microsoft.com/technet/treeview/...in/MS03-039.asp
http://slashdot.org/article.pl?sid=03/09/1...tid=126&tid=172
I guess when you have a larger piece of the number of computers in service running your product people are more likely to expose your holes. But this is getting rediculous, don't they employ any QA testers??? I guess they need to look into primate outsourcing.