This weblog is no longer being maintained. All information here has been ported to EclecticEchoes.com. This site (heupel.com/eclectic) remains only for archival purposes.
This week CERT and Microsoft released some new security info–
CERT Advisory CA-2003-23 RPCSS Vulnerabilities in Microsoft Windows affects Windows NT, Windows 200, Windows XP and Windows Server 2003. Microsoft has released a patch to prevent buffer overrun in the RPCSS that could allow code execution. Read the advisories and patch your system. Oh, and if you use Microsoft’s scanning tool this patch will require that you upgrade that tool as it will now report that a previous RPC buffer overrun patch has not been applied and report a vulnerability.