Please Scroll Down to See Forums Below
napsgear
genezapharmateuticals
domestic-supply
puritysourcelabs
UGL OZ
UGFREAK
napsgeargenezapharmateuticals domestic-supplypuritysourcelabsUGL OZUGFREAK

MICROSOFT Security hole, make sure your computers are patched ASAP

gsxr1000

gsxr1000

New member
Due to the critical impact of Windows DCOM RPC buffer overrun vulnerability. Please download the patch from the below link and install ASAP.



Severity--Critical

Risk-- Exploitation of this issue could result in execution of malicious instructions with Local System privileges on an affected system.

References: <http://www.securityfocus.com/bid/8205/solution/>

Solution: Perform WindowUpdate or manually download/run these patches ASAP. Please be informed that the DCOM RPC exploit code has been recently released in the Internet.





Microsoft Windows 2000 Server

Microsoft Windows 2000 Advanced Server

Microsoft Windows 2000 Professional

Microsoft Patch Windows2000-KB823980-x86-ENU.exe

<http://microsoft.com/downloads/deta...46-F541-4C15-8C9F-220354449117&displaylang=en>





Microsoft Windows XP Home

Microsoft Windows XP Professional

Microsoft Patch WindowsXP-KB823980-x86-ENU.exe

<http://microsoft.com/downloads/deta...6C-C5B6-44AC-9532-3DE40F69C074&displaylang=en>





Microsoft Windows XP 64-bit Edition

Microsoft Patch WindowsXP-KB823980-ia64-ENU.exe

<http://microsoft.com/downloads/deta...DF-4A85-488F-80E3-C347ADCC4DF1&displaylang=en>





Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows Server 2003 Web Edition

Microsoft Patch WindowsServer2003-KB823980-x86-ENU.exe

<http://microsoft.com/downloads/deta...3A-9F4C-4061-9009-3A212458E92E&displaylang=en>





Microsoft Windows Server 2003 Enterprise Edition 64-bit :

Microsoft Patch WindowsServer2003-KB823980-ia64-ENU.exe

<http://microsoft.com/downloads/deta...73-C3F0-4EC1-995F-017E35692BC7&displaylang=en>





Microsoft Windows NT Workstation 4.0

Microsoft Windows NT Enterprise Server

Microsoft Patch Q823980i.EXE

<http://microsoft.com/downloads/deta...4E-217E-4FA7-BDBF-DF77A0B9303F&displaylang=en>





Microsoft Windows NT Terminal Server 4.0

Microsoft Patch Q823980i.EXE

<http://microsoft.com/downloads/deta...60-64FA-424C-A3C1-C9FAD2DC65CA&displaylang=en>
 
A thread was posted earlier and several people had problems due to viruses exploiting this vulnerability.

Do the update, you'll thank me later...
 
Guys, this is not a virus. Why does it happen to everyone? Think about it????
 
Bro, but how do you release the virus? It has to be executed remotely, or locally. Are you saying all of us went to some website, and this hole had allowed the virus to slip through?
 
If your on XP and not connected to a network, you might want to disable the internal messenger also ( its not msn messenger).
Its what creates those grey window pop ups.
 
Lumberg said:
My install didn't go through for some reason....
Click to expand...

If you have a pirated copy of xp and can't install SP1 then you'll have to change your registration number first. MS is blocking commonly pirated numbers.

When you connect for an update you give them a code that they validate against known hacked codes. If yours is a common hack they don't let you proceed.
 
If this is the RPC vulnerability, then you will also need a firewall blocking ports 135 and 445.

Otherwise, you can patch and still be open to a denial of service.
Even though you aren't being exploited directly post patch, the incoming data on those ports will still freeze a variety of things on your system.

Other options are using a Mac or a *nix box- which I would assume is more expense and hassle than apply patches and buying a $50 firewall/router/switch all in one deal like a Linksys or Netgear solution for home users.
 
It infected my computer yesterday. Big hassle, but the patch eliminates it promptly.

I speculated the same regarding firewalls, Martha, and my support droid disagreed.
 
Unfortunately, alot of applications use RPC port 135, so blocking it outright isn;t exactly the easiest thing to do.
 
For the general user on here, they aren't using RPC.

If you are in a corporate environment, then it is obviously more feasible that you are going to have machines talking to each other that need it.

Still, that only rules out the software firewall on that machine from blocking ports.

You can still put a firewall on the outside connction to block said ports from coming in.

And again, for those that have to get their word in, of course won't work if you are making remote procedure calls, then fine - you might have issues.

But I stand by my statement that the users on here aren't in need of those ports, and are better served by blocking them.
 
Addicted said:
I can't downloard anything either, the worm shuts down my system before the installation is complete:(
Click to expand...


Ask someone to go to the site and download it to a disk or something, the .exe is only like 800K
 
gsxr1000 said:



Ask someone to go to the site and download it to a disk or something, the .exe is only like 800K
Click to expand...

800K for the Win2k and 1.2M for the XP 32bit one.

Not sure if they are already compressed or if zipping them further is feasible - either way, should easily fit on a 1.44 floppy.

disconnect from the net, boot into safe mode, install the patch, and then restart with the net connection up again.

that said - it is still feasible that without the ports blocked you will get restarts and effective DOSes on your machines.

Blocking the ports will not work in the long run since other worms will come out that use different ports, but for now, if you want to get around it, block ports 135, 445, and 4444.

Like others said, if you are running remote procedure calls, then it is feasible that this will cause problems - but I would imagine that you would rather have those problems then being unable to have the machine up at all.
 
dude ,shit i have Windows 2000, but my comp doesnt shut down its just my internet stops working after about 6 mins. how the hell am i suposed to fix this?
 
SuperShredder said:
dude ,shit i have Windows 2000, but my comp doesnt shut down its just my internet stops working after about 6 mins. how the hell am i suposed to fix this?
Click to expand...

I guess you probably missed the other posts in this thread that discussed how to fix it, and then the other threads that discussed it, and then the news pages that link to it, and definitely not the actual Microsoft pages that say how to fix it.

Win2k will freeze up, but not reboot when it gets it - that said, it does something very similar when it doesn't have it, but is in the process of the worm trying to get in.
 
well , i dloaded the serveice 2 thing,but my internet connection doesnt last long enough for it to dload. it says theres a way u can dload it without the internet connection but i cant find it at the windows 2000 site,does anyone know where i can find it then?
 
SuperShredder said:
well , i dloaded the serveice 2 thing,but my internet connection doesnt last long enough for it to dload. it says theres a way u can dload it without the internet connection but i cant find it at the windows 2000 site,does anyone know where i can find it then?
Click to expand...

Did you really just ask if you could download something from the net if you aren't connected to the net?

I think I'm fresh out of help for this one.
 
SuperShredder said:
well , i dloaded the serveice 2 thing,but my internet connection doesnt last long enough for it to dload.
Click to expand...

When the shut down warning appears, just reset your clock to a date thats a year prior - your computer will not shut down then. Resetting your date will screw up the shut down sequence, giving you enough time to DL the patch.
 
ok let me re explain everything since my last 2 posts were typed as fast as i could before the internet stoped.
i THINK i have the worm,my computer DOES NOT SHUT DOWN,but the internet STOPS WORKING about 5-7 minutes after i connect.
i went to the windows 2000 website thing from the link posted on this thread. i downloaded the 2000 patch thing but i cant install it cause i didnt have the service pack 2 . so i downloaded the service pack 2 for my windows and began to unstall it but couldnt finish because u have to be online to install it and it takes about 50 mins, so after about 5 mins its disconnects me so i cannot finish. it says there a way to dload it without using the net but i could not find it on the windows 2000 site. so since i cannot finish the service pack 2 i cannot install the windows 2000 patch thing. theres my problem, NOW does every understand and can anyone maybe help me out?
 
How bout you get a friend to download the service pack files for you? They'll fit on a burned CD......
 
You must log in or register to reply here.

Similar threads

K
How To Make Your PC Computer More Portable
Replies
0
Views
1K
karenna
K
hanselthecaretaker
PC vs. Mac in Security: Experts Share Opinions
Replies
23
Views
5K
mrplunkey
mrplunkey
JarheadChiro
Computer Safety... final draft!
Replies
0
Views
959
JarheadChiro
JarheadChiro
gsxr1000
Microsoft Security Alert - New Rpc Vulnerabilty (like Blaster Worm)
Replies
2
Views
812
gsxr1000
gsxr1000
acneman
Hiren's boot CD V8.6
Replies
3
Views
4K
Queensney
Q
Top Bottom