Tech Tip: Patch your systems to correct an RPC flaw

On July 16, 2003, Microsoft issued security bulletin MS03-026 in response to a buffer overrun vulnerability in the Remote Procedure Call (RPC) services for all NT-based versions of Windows, including Windows Server NT, Windows 2000, Windows XP, and Windows Server 2003.

A buffer overrun vulnerability occurs when a program writes data into a buffer without checking its length, so oversized input spills past the end of the buffer. An attacker can exploit this to overwrite parts of the program with data of their choosing, possibly including executable code, which can change what the program does.

You can protect your RPC system against this particular flaw with a properly configured firewall or by installing a patch that's available from Microsoft. Installing the patch is the preferred solution, but if that's not possible, block TCP/UDP ports 135, 139, and 445 at the firewall to help prevent external exploitation of this vulnerability.
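To confirm that the firewall block is actually in effect, the TCP side can be checked from a machine outside the firewall against a host you administer. The script below is an added example, not part of the original tip; the function names and the two-second timeout are assumptions, and UDP is not covered because a simple connect cannot verify it.

```python
import socket
import sys

# TCP ports the tip says to block at the firewall.
RPC_FLAW_TCP_PORTS = (135, 139, 445)


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"      # handshake completed: traffic reaches a listener
    except ConnectionRefusedError:
        return "closed"        # a reset came back: no listener, but not silently dropped
    except OSError:
        return "filtered"      # timeout or unreachable: consistent with a firewall block


def audit_host(host, ports=RPC_FLAW_TCP_PORTS, timeout=2.0):
    """Probe every port and return {port: state}."""
    return {port: probe_tcp(host, port, timeout) for port in ports}


def exposed_ports(results):
    """Ports that accepted a connection and therefore still need blocking or patching."""
    return sorted(port for port, state in results.items() if state == "open")


if __name__ == "__main__":
    # Usage: python check_rpc_ports.py <host-you-administer>
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    results = audit_host(target)
    for port, state in sorted(results.items()):
        print(f"{target}:{port}/tcp {state}")
    # Non-zero exit status when any of the ports is reachable.
    sys.exit(1 if exposed_ports(results) else 0)
```

A result of "filtered" on all three ports is what a working block looks like from outside; "open" means the port is still reachable and the host depends entirely on the patch.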

If you haven't done so, install this patch as soon as possible. Windows Update will install this patch for you, or you can go directly to Microsoft's Web site to install the patch for Windows NT 4.0 Server or Windows NT 4.0 Terminal Services Edition. Be sure to reboot your system after installation is complete.
