News

DCOM Hole That Enabled Blaster Wider Than Originally Thought

The security hole in the Microsoft DCOM infrastructure in most supported versions of Windows is wider than the company originally feared.

Microsoft released a critical new patch on Wednesday that fixed three new vulnerabilities in the DCOM Remote Procedure Call (RPC) on almost all supported versions of Windows. The patch, MS03-039, supersedes the patch included with bulletin MS03-026, which Microsoft desperately urged corporate and home users to apply in the weeks leading up to the MS Blaster worm. Blaster was written to exploit the hole that Microsoft disclosed and patched in bulletin MS03-026. While Blaster was rated a critical problem, it was actually somewhat worse than the typical critical bulletin because it could be exploited without any user action.

What the new patch means is that there are several vulnerabilities that continue to be open to Blaster-style attacks. So while systems were protected against Blaster by MS03-026, even systems that have that patch won't be protected against any worms written to exploit the new vulnerabilities.

Two of the new vulnerabilities could allow an attacker to take complete control of a user's machine. The new vulnerabilities affect Windows Server 2003, Windows XP, Windows 2000 and Windows NT 4.0. The problem is serious enough that Microsoft went ahead and created a patch for Windows NT 4.0 Workstation and for Windows 2000 with Service Pack 2 even though both are no longer supported.

Microsoft also created a new network scanning tool to help administrators find unpatched systems.

The Microsoft bulletin is available here:
www.microsoft.com/technet/security/bulletin/MS03-039.asp.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.