Windows 2000 vulnerability could allow hackers to launch remote denial-of-service


November 23 2005


Exploit code has been published that could allow an attacker to launch a remote denial-of-service attack on Windows 2000 machines at any service pack level. Microsoft has issued an advisory warning about a vulnerability (CAN-2005-3644) in its implementation of the Remote Procedure Call (RPC) protocol. The following five key steps are recommended to prioritise and implement proper protection against this vulnerability:

  1. Scan for the vulnerability to determine which systems are vulnerable;
  2. Deploy Service Pack 2 to any XP system that doesn’t have it; Service Pack 1 to any 2003 Server;
  3. Turn on the appropriate workstation firewall policies;
  4. This particular issue, having exploit code published on the web, will likely be top of the list for most customers;
  5. Confirm that an automated patching approach is in place to ensure rapid implementation once the patch is available.

Alan Bentley, UK MD at patch management vendor PatchLink Corporation, commented: "While the time between when a vulnerability is found to when it is exploited can be as little as 48 hours, the average time companies take to patch externally facing systems is 19 days, leaving systems wide open to attack. In this case, a patch is not yet available, so it is crucial that companies ensure that they work around this problem." He added: "PatchLink will be working round the clock once a patch update is available from Microsoft to test, verify and fingerprint the critical software update for our subscribers. The need to prioritise and implement patches quickly is more critical than ever. Companies should be ready to deploy this fix rapidly once the patch is available as it does provide a way to allow a remote attacker to temporarily exhaust available memory on a vulnerable system – thus potentially requiring the user to reboot or disconnect from the network."


 

Reproduced from an article published by SecurityPark.net
© SecurityPark.net

The original article can be viewed here:
http://www.securitypark.co.uk/article.asp?articleid=24611&CategoryID=1
