Results 1 to 4 of 4

Thread: Dcom Fix

  1. #1
    Hardware Guru TZ Veteran shadow_warez's Avatar
    Join Date
    Jul 2002
    Location
    Edmonton,
    Posts
    852

    Exclamation Dcom Fix

    The GRC DCOMbobulator


    Taming Windows' Dangerous DCOM / RPC System

    What is DCOM?

    Windows employs a component-based system to help programmers manage Windows' complexity. This system is called COM for "Component Object Model." Much of Windows itself, and many Windows programs, are assembled from individual COM components. Microsoft thought it would be "cool" if these COM components could find and use each other from different machines across a network, so Distributed COM (DCOM) was created to allow this. DCOM uses an existing networking protocol known as Remote Procedure Call (RPC), usually over Internet port 135, to host COM's distributed operation across a network.

    What's the problem?

    The problem is that this very powerful DCOM system, which allows pieces of your computer to be remotely activated and used from across a network -- even by any stranger across the Internet -- is always enabled in Windows systems by default. Microsoft's most recent DCOM patch, which fixes another (not the first) remotely exploitable vulnerability in this complex system, continues to defiantly leave the whole DCOM system exposed and enabled . . . and waiting for the next vulnerability to be discovered.

    What's the solution?

    Just turn it off. No Internet applications use or require DCOM. Some Windows applications support it, but those that do neither use nor require it. As with so many of Windows' easily avoided security vulnerabilities, Microsoft should never have chosen to enable DCOM by default, and they certainly should have had their most recent patch turn it off after the MSBlast worm event. But instead, all Windows systems are still running DCOM and waiting for the next disaster.

    You and I have the responsibility to fix this correctly by just saying no to DCOM.

    What does the DCOMbobulator do?

    The "Am I Vulnerable?" tab reports the current status of the DCOM system. It will tell you whether this machine's DCOM facility is enabled or disabled, and report on the system's vulnerability to the recent DCOM buffer overflow vulnerability. Reports that Microsoft's DCOM patch doesn't always "take" have been confirmed, so Windows systems may have remained vulnerable even after the DCOM patch has been applied. The DCOMbobulator allows any user to easily check this.

    The "DCOMbobulate Me!" tab allows a system's DCOM facility to be easily disabled and enabled with the push of one button. Shutting down Windows' dangerous, unnecessary, and exploit-prone DCOM system is just that simple.

    Command-line options allow these functions to be performed unattended and automatically whenever Windows starts up, by corporate login scripts, or at any other time required. See the DCOMbobulator web page for details of command line usage.

    You may select any other tabs for specific instructions and guidance in the use of this DCOM management utility.

    About this Freeware

    If you are not already familiar with my work, you may be puzzled by the small size and the simple "no installation" fast and effortless operation of this Windows utility. More than anything else in the world, I want to create high-quality software. As you can see from my web site and from this application, this is not just a bunch of talk. I hand-craft each of my applications in 100% pure assembly language -- the raw native language of the PC. I believe it is worth the extra time and effort to create long-lasting high-quality products.

    heres a link to get it,

    Dcom Fix


    A Great Sig Done by a Great Artist,

  2. #2
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    thx SW, this was a quick fix to the massive hole that struck mid last year aka Blaster etc. It cause massive problems if not patched. also look at ms-039 bulletin.

    --- 0wN3D by 3gG ---

  3. #3
    Hardware Guru TZ Veteran shadow_warez's Avatar
    Join Date
    Jul 2002
    Location
    Edmonton,
    Posts
    852
    yeah it helped patch some big holes in windows,


    A Great Sig Done by a Great Artist,

  4. #4
    Bronze Member Coffee's Avatar
    Join Date
    Dec 2003
    Posts
    190
    Applying the patch is probably a wise idea. You can simply turn off DCOM by going to Component Services, then browse to Component Services\Computers\My Computer, click properties, then the default settings tab and voila no more DCOM.
    Live long and prosper!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •