Results 1 to 4 of 4

Thread: Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

  1. #1
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002

    Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

    There are three identified vulnerabilities in the part of the Windows RPC service (RPCSS) that deals with RPC messages for DCOM activation. Two of the vulnerabilities might allow arbitrary code to be run; one of the vulnerabilities might result in a denial of service. The flaws result from incorrect handling of malformed messages. These vulnerabilities affect the Distributed Component Object Model (DCOM) interface in RPCSS. This interface handles DCOM object activation requests that are sent by client computers to the server.

    An attacker who successfully exploits these vulnerabilities might be able to run code with Local System rights on an affected computer, or could cause RPCSS to stop working. The attacker could then take any action on the computer, including installing programs, viewing, changing, or deleting data, or creating new accounts with full rights.

    Severity Rating - Critical

    Download patch: XP (all versions) | 2000 (all versions) | Server 2003 (all versions) | NT 4.0 (all versions)

    View: Microsoft Security Bulletin MS03-039

    View: Microsoft Knowledge Base Article - 824146
    Last edited by Reverend; September 11th, 2003 at 09:24 AM.

    =========== Please Read The Forum Rules ===========

  2. #2
    Titanium Member Tinker's Avatar
    Join Date
    Apr 2002
    Indiana U.S.A.
    For a quick check to see if it is installed on your computer...

    You may also be able to verify that this security patch is installed by confirming that the following registry key exists:

    Windows Server 2003
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP1\KB824146

    Windows XP
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP1\KB824146

    Windows XP with Service Pack 1 (SP1)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\KB824146

    Windows XP 64-Bit Edition Version 2003
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP1\KB824146

    Windows 2000
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB824146

    Windows NT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB824146

    As well you may want to check out Reverend's links because this is where I obtained this information..

    Thanks Reverend

    Last edited by Tinker; September 11th, 2003 at 06:02 AM.

  3. #3
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    I installed this on my longhorn test machine. It worked fine. I just had to use compatibility mode.


  4. #4
    all bets are off... TZ Veteran SupaStar's Avatar
    Join Date
    Jul 2002
    Another day, another RPC patch...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts