From:
Speakeasy
Network
Bulletin
<[EMAIL PROTECTED]>
To:
Speakeasy
Members
<[EMAIL PROTECTED]>
Subject:
[ Speakeasy
] Security
Update: MS
Operating
System
Vulnerabilities
Date:
Wed, 24 Sep
2003
15:27:55
-0700 (PDT)
Dear Speakeasy Members,
The following notice is provided as a courtesy in an effort to
keep all machines on Speakeasy's network secure. Please read
this information if you are running one of the following
Operating Systems (OS):
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Server 4.0, Terminal Server Edition
- Microsoft Windows 2000
- Microsoft Windows XP
- Microsoft Windows Server 2003
Microsoft has issued a security bulletin regarding
vulnerabilities in the Remote Procedure Call (RPC) services which
would allow an attacker to remotely compromise your computer and
gain complete control. To protect your computer and network, you
will need to immediately patch your system.
For full details on this vulnerability and how to update your OS,
please visit
http://www.microsoft.com/security/security_bulletins/ms03-039.asp
You will find more information on Microsoft's Security Bulletin
MS03-039 (824146) and step-by-step procedures for installing the
required update -- including how to set up a firewall, obtain
automated updates and use up-to-date anti-virus software. This
is an excellent resource that will assist you in fully securing
your network against this threat.
For those of you interested in more information on this topic, we
have included additional resources at the end of this notice.
Presently, no global reports of this exploit have been recorded,
however, we strongly encourage all customers running any of the
vulnerable OS's to secure their machines as soon as possible to
prevent any possible damage to their machine and/or network.
We appreciate your prompt attention to this matter,
The Speakeasy Crew
800.556.5829
http://www.speakeasy.net/myspeak
-------------------------------------------------------------------
ADDITIONAL RESOURCES
-------------------------------------------------------------------
- Microsoft Security Bulletin MS03-039:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp
This is the actual security bulletin and provides full
details around the vulnerability, including
information on how to fix it or learn more via
Microsoft's knowledgebase.
- Cert.org Advisory: http://www.cert.org/advisories/CA-2003-23.html
This site thoroughly explains the RPC vulnerabilities in
Microsoft Windows and provides links to the security
update and information on how to disable DCOM, the
interface that can be exploited by an attacker. Please
carefully read through the disclaimer and possible
adverse effects that disabling DCOM can have on your
computer prior to electing to do so.
Speakeasy, Inc., claims no liablity or support for any
effects that disabling DCOM may have on your computer
and/or network.
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
