Multiple Vulnerabilities in Microsoft Windows RPC/DCOM

Reported April 13, 2004, by Microsoft.

VERSIONS AFFECTED

·        Windows Server 2003

·        Windows XP

·        Windows 2000 Server

·        Windows NT Server 4.0 Service Pack (SP) 6a

·        Windows NT Server 4.0, Terminal Server Edition (WTS) SP6

·        Windows NT Workstation 4.0 SP6a

·        Windows Me

·        Windows 9x

DESCRIPTION

Several new vulnerabilities exist in Microsoft remote procedure call/Distributed COM (RPC/DCOM), the most serious of which could result in the execution of arbitrary code on the vulnerable system. These four new vulnerabilities consist of

·        RPC Runtime Library vulnerability

·        Remote Procedure Call Subsystem Service (RPCSS) vulnerability

·        COM Internet Services—RPC over HTTP vulnerability

·        Object identity vulnerability

VENDOR RESPONSE

Microsoft has released Microsoft Security BulletinMS04-012, "Cumulative Update for Microsoft RPC/DCOM," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by eEye Digital Security, Qualsys and Todd Sabin.