1. Guest,
    If you need help getting to know Xenforo, please see our guide here. If you have feedback or questions, please post those here.
    Dismiss Notice

MS03-039 (Security Patch from Microsoft)

Discussion in 'Computers' started by Kraig Lang, Sep 11, 2003.

  1. Kraig Lang

    Kraig Lang Well-Known Member

    Joined:
    May 28, 2000
    Messages:
    200
    Likes Received:
    0
    For those of you that waited on the MS03-026 patch from Microsoft and were eventually infected with SoBIG.F, Nachi, or MSblast, I recommend you go get this patch (MS03-039)as soon as possible.

    I read on Cnet that there are already variants of these worms that may be able to take advantage of the vulnerabilities fixed by this patch.

    BTW, getting MS03-026 when it came out saved our 2600 servers from certain death a few weeks ago.

    [Edit] Sorry, here's a link to the update site http://v4.windowsupdate.microsoft.com/en/default.asp


    Kraig
     
  2. Kevin P

    Kevin P Well-Known Member

    Joined:
    Jan 18, 1999
    Messages:
    1,444
    Likes Received:
    0
    For those who don't want to use Windows Update, or have to update multiple systems, I'm providing links to the patches below.

    Microsoft Security Bulletin MS03-039 Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

    To download the patch, click on one of the following links for whatever version of Windows you're running. Once the page comes up, the download link will appear in the upper right hand corner of the page. If you're running Windows 95, 98, or ME, you are not affected by this vulnerability. You can also get the patch from Windows Update.

    Windows NT Workstation 4.0 (requires Service Pack 6a)
    Windows NT Server 4.0 (requires Service Pack 6a)
    Windows NT Server 4.0, Terminal Server Edition (requires Service Pack 6)
    Windows 2000 (requires Service Pack 2 or higher)
    Windows XP (requires Service Pack 1 or XP Gold)

    Go here for more information, or for patches for other versions, such as 64-bit Windows XP or Windows Server 2003.

    After applying the patch, you will have to reboot. If you're not prompted to reboot, it means the patch was already applied (perhaps through Windows Update).

    This patch supersedes MS03-026 which covered the RPC vulnerability that allowed the Blaster worm to spread.
     
  3. Rob Gillespie

    Rob Gillespie Well-Known Member

    Joined:
    Aug 17, 1998
    Messages:
    3,636
    Likes Received:
    5
    This will also most likely be the last patch made available for Windows 2000 Service Pack 2.
     
  4. Kraig Lang

    Kraig Lang Well-Known Member

    Joined:
    May 28, 2000
    Messages:
    200
    Likes Received:
    0
    Thanks Kevin for providing the additional links!!

    And everyone, our security group has gotten news that there has been an exploit identified of unknown source, so make sure you patch quickly.
     
  5. Rob Gillespie

    Rob Gillespie Well-Known Member

    Joined:
    Aug 17, 1998
    Messages:
    3,636
    Likes Received:
    5
    I reckon the first viruses will be variants on Blaster and Nachi, just using the newly identified vulnerable ports.
     
  6. Lee L

    Lee L Well-Known Member

    Joined:
    Oct 26, 2000
    Messages:
    868
    Likes Received:
    0
    FYI, this update was waiting for me this morning via the auto update service on W2K at work.
     
  7. Kevin P

    Kevin P Well-Known Member

    Joined:
    Jan 18, 1999
    Messages:
    1,444
    Likes Received:
    0
    For those who haven't patched yet, better do it soon, as it may soon be exploited, and the next Blaster-like worm attack could be upon us in the next few weeks. I'm starting to see TCP port 593 scans on my firewall, so some are already probing for vulnerable systems.

    SANS - RPCSS Vulnerability Update

    It's easier to patch now, than to cleanup, disinfect and patch compromised machines later!

    Run, don't walk, and patch, patch, patch!
     
  8. John_Berger

    John_Berger Well-Known Member

    Joined:
    Nov 1, 2001
    Messages:
    2,489
    Likes Received:
    0
    *sigh*

    I love my Linksys router/firewall.
     
  9. Andrew Chong

    Andrew Chong Well-Known Member

    Joined:
    May 7, 2002
    Messages:
    739
    Likes Received:
    0
    Thank-you Kraig and Kevin!
     
  10. Kraig Lang

    Kraig Lang Well-Known Member

    Joined:
    May 28, 2000
    Messages:
    200
    Likes Received:
    0
    I always prefer hearing about the "It didn't happen to me" stories than the "Now what do I do" stories.[​IMG]
     
  11. Carl Miller

    Carl Miller Well-Known Member

    Joined:
    Mar 17, 2002
    Messages:
    1,461
    Likes Received:
    0
    I installed this, and the XP Service Pack Microsoft stated was required in order to install some other patch...And then Outlook Express stopped working. The Windows Management accessory program disappeared, and I got runtime errors in Word and Excel. Beautiful.

    So I uninstalled the Service Pack, and now Outlook is working, the Win Managment utility is back again and the runtime errors are gone.

    I've got Norton Anti-virus to protect me from virus' and worms. I've got ZoneAlarm to protect me from hackers.

    Who's protecting me from Microsoft?
     

Share This Page