[Dshield] New Microsoft Windows RPC vulnerability

Serge Vondandamo svondandamo at mercury-eur.com
Thu Sep 11 20:56:20 GMT 2003


Why not try UpdatExpert...
I am using it and it just works fine. it expensive but it is worth it.

Cheers
Serge

-----Original Message-----
From: Paul Marsh [mailto:pmarsh at nmefdn.org]
Sent: Thursday, September 11, 2003 9:34 PM
To: General DShield Discussion List
Subject: RE: [Dshield] New Microsoft Windows RPC vulnerability


I would suggest looking at www.shavlik.com HFNetChk.  SUS is build on
Shavlik technology and to be honest SUS has some massive short comings.
Full Blown SP's either OS or Office Suite are impossible without reg hacks
on the clients.  Need to find out what patches were installed on what system
forget it in SUS.  HFNetChk works really well, no setting up another IIS box
to worry about, it can be run right from your workstation.

Just my 2cents

-----Original Message-----
From: SAWYER Charlotte M [mailto:Charlotte.M.Sawyer at state.or.us]
Sent: Thursday, September 11, 2003 2:54 PM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] New Microsoft Windows RPC vulnerability


There appears to be some requirements for SUS to work out for folks though.
To avoid closing down apps ungracefully, users need to be administrators on
their boxes -- depending on the environment this may or may not be a big
deal.  We're testing it and have yet to be TOTALLY comfortable with it yet
-- still seems a bit inconsistent.  We haven't given up hope yet though!



-----Original Message-----
From: Roberts, Chris [mailto:CRoberts at Limitedbrands.com]
Sent: Thursday, September 11, 2003 10:10 AM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] New Microsoft Windows RPC vulnerability


Apart from the Voodoo Doll, Microsoft SUS (Software Update Services) local
server delivering to internal users..........set schedule and go.

oh, and Tea instead of coffee, more caffeine and much nicer :)

-----Original Message-----
From: Graham Dodd [mailto:g.dodd at falk-ross.de]
Sent: Thursday, September 11, 2003 12:16 PM
To: General DShield Discussion List
Subject: AW: [Dshield] New Microsoft Windows RPC vulnerability


Well I don't know how you guys keep up with this patching, but right now I'm
tired, p!$$&= off and two patches behind. Sysadmin is my second job in the
company, and I have a hard time getting through the emails before my "real"
work begins.

I'm seriously thinking of switching to Linux as OS with VMWare for those
times when I have to run Windows (VB, Access programming) and setting all
other users up on thin clients.

If MS sold cars and appliances to the same standard as their bugware they
would have been out of business a long time ago.

Any suggestions that can aid patching and cut down on my caffeine intake
would be greatly appreciated.

thanks

Graham

> -----Ursprungliche Nachricht-----
> Von: list-bounces at dshield.org [mailto:list-bounces at dshield.org]Im
> Auftrag von Johannes B. Ullrich
> Gesendet: Mittwoch, 10. September 2003 18:56
> An: list at dshield.org
> Betreff: [Dshield] New Microsoft Windows RPC vulnerability
>
>
>
> MSFT just released a new bulletin:
>
> http://www.microsoft.com/security/security_bulletins/ms03-039.asp
>
> Happy patching.
>
> (To celebrate this, I will allow a few anti MSFT, pro Linux posts)
>
>
> --
> SANS - Internet Storm Center
> http://isc.sans.org
> PGP Key: http://isc.sans.org/jullrich.txt
>

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list