Full Disclosure mailing list archives

Re: RPC DCOM Patches


From: Michael Scheidell <scheidell () secnap net>
Date: Thu, 31 Jul 2003 15:21:38 -0400 (EDT)

The MS website says that the patch can only be applied to Windows 2000 
systems with SP3 or SP4.  Has anybody tried to run the patch on an SP2 
system?  Are NT 4 Workstations vulnerable too, or just NT 4 Servers?

one more thing to rember.. the ms03-026 will only patch the remote
exploit!  you can still DOS them, patched or not.

Only workaround is to firewall the boxes, and to protect form internal
damave, turn dcom off with dcomconfg.exe

-- 
Michael Scheidell
SECNAP Network Security, LLC 
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Current thread: