[Dshield] New Microsoft Windows RPC vulnerability

SAWYER Charlotte M Charlotte.M.Sawyer at state.or.us
Thu Sep 11 18:54:12 GMT 2003


There appears to be some requirements for SUS to work out for folks though.
To avoid closing down apps ungracefully, users need to be administrators on
their boxes -- depending on the environment this may or may not be a big
deal.  We're testing it and have yet to be TOTALLY comfortable with it yet
-- still seems a bit inconsistent.  We haven't given up hope yet though!



-----Original Message-----
From: Roberts, Chris [mailto:CRoberts at Limitedbrands.com]
Sent: Thursday, September 11, 2003 10:10 AM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] New Microsoft Windows RPC vulnerability


Apart from the Voodoo Doll, Microsoft SUS (Software Update Services) local
server delivering to internal users..........set schedule and go.

oh, and Tea instead of coffee, more caffeine and much nicer :)

-----Original Message-----
From: Graham Dodd [mailto:g.dodd at falk-ross.de]
Sent: Thursday, September 11, 2003 12:16 PM
To: General DShield Discussion List
Subject: AW: [Dshield] New Microsoft Windows RPC vulnerability


Well I don't know how you guys keep up with this patching, but right now I'm
tired, p!$$&= off and two patches behind. Sysadmin is my second job in the
company, and I have a hard time getting through the emails before my "real"
work begins.

I'm seriously thinking of switching to Linux as OS with VMWare for those
times when I have to run Windows (VB, Access programming) and setting all
other users up on thin clients.

If MS sold cars and appliances to the same standard as their bugware they
would have been out of business a long time ago.

Any suggestions that can aid patching and cut down on my caffeine intake
would be greatly appreciated.

thanks

Graham

> -----Ursprungliche Nachricht-----
> Von: list-bounces at dshield.org [mailto:list-bounces at dshield.org]Im
> Auftrag von Johannes B. Ullrich
> Gesendet: Mittwoch, 10. September 2003 18:56
> An: list at dshield.org
> Betreff: [Dshield] New Microsoft Windows RPC vulnerability
>
>
>
> MSFT just released a new bulletin:
>
> http://www.microsoft.com/security/security_bulletins/ms03-039.asp
>
> Happy patching.
>
> (To celebrate this, I will allow a few anti MSFT, pro Linux posts)
>
>
> --
> SANS - Internet Storm Center
> http://isc.sans.org
> PGP Key: http://isc.sans.org/jullrich.txt
>

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list