[Dshield] New Microsoft Windows RPC vulnerability

Paul Marsh pmarsh at nmefdn.org
Wed Sep 10 20:28:57 GMT 2003


I've also been testing HFNetCh, I just read a post saying they're working on the xml for 039 and should have it out later this afternoon.  HF works well, allot better than SUS but I'm having problems with 036 and 036 deployment.

Thanx, Paul

-----Original Message-----
From: Sue Young [mailto:smy at gcmlp.com]
Sent: Wednesday, September 10, 2003 3:36 PM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] New Microsoft Windows RPC vulnerability


You might want to look into patch management software.  Right
now I've been trying HFNetchkPro from Shavlik.  It's very 
easy and works well.  I haven't tried any others yet.  I 
can easily live with this one.

One problem - it doesn't seem to have the 03-39 patch yet.
This will give me a good chance to see how fast they update.
Right now they only go up to 03-37

Sue Young

-----Original Message-----
From: Keith Bergen [mailto:keith at keithbergen.com] 
Sent: Wednesday, September 10, 2003 1:08 PM
To: General DShield Discussion List
Subject: Re: [Dshield] New Microsoft Windows RPC vulnerability


Ok. Thanks. I found the technical information on it.

I notified our SR VP of IT today at 1:30. I also downloaded 
the patch scanner and ran it on the IP Address range in our 
building.

I wonder how long it will take our IT department to patch all 
the systems. There are 372 right now in our building that 
need patches.

Keith.

---- Original message ----
>Date: Wed, 10 Sep 2003 13:12:57 -0400
>From: Keith Bergen <keith at keithbergen.com>
>Subject: Re: [Dshield] New Microsoft Windows RPC 
vulnerability  
>To: General DShield Discussion List <list at dshield.org>
>
>What exactly is the update. All Microsoft says is that it is
>a security update to a fault that would allow somebody to 
run 
>code. I don't see anything there that explains what exactly
>they are patching.
>
>Keith.
>
>---- Original message ----
>>Date: Wed, 10 Sep 2003 12:56:10 -0400
>>From: "Johannes B. Ullrich" <jullrich at sans.org>
>>Subject: [Dshield] New Microsoft Windows RPC vulnerability  
>>To: list at dshield.org
>>
>>
>>MSFT just released a new bulletin:
>>
>>http://www.microsoft.com/security/security_bulletins/ms03-
>039.asp
>>
>>Happy patching.
>>
>>(To celebrate this, I will allow a few anti MSFT, pro Linux
>posts)
>> 
>>
>>--
>>SANS - Internet Storm Center
>>http://isc.sans.org
>>PGP Key: http://isc.sans.org/jullrich.txt
>>________________
>>signature.asc 1k bytes
>>________________
>>_______________________________________________
>>list mailing list
>>list at dshield.org
>>To change your subscription options (or unsubscribe), see: 
>http://www.dshield.org/mailman/listinfo/list
>
>_______________________________________________
>list mailing list
>list at dshield.org
>To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list