Apparently only windows 2000 and XP (and possibly NT) are vulnerable (so 95 and 98 are okay.) It's an RPC vulnerability which means it's not an email or web thing. You don't have to download or run anything. Your computer is listening on certain ports for Remote Procedure Calls (RPC calls) which allow your computer to execute code at the request of a remote client.
This can be powerful (when we notify weblogs.com about updates we send an RPC, for example) but there is a big bug in the microsoft implementation that allows remote clients to execute arbitrary code. Microsoft patched this months ago, but nobody ever applies the patches.
If you are running xp or 2000 you must download and install the patch I linked to above.
|
This can be powerful (when we notify weblogs.com about updates we send an RPC, for example) but there is a big bug in the microsoft implementation that allows remote clients to execute arbitrary code. Microsoft patched this months ago, but nobody ever applies the patches.
If you are running xp or 2000 you must download and install the patch I linked to above.
- jim 8-14-2003 7:51 pm