Pink Floyd RPC DCOM flaw "in the wild"

The Inquirer ^ | October 12, 2003

[HAL9000]

YOU PROBABLY were expecting this.

Our attention has been drawn to another exploit which maybe is just waiting to explode into your attention.

A Russian site, which you can find here, suggests that Pink Floyd – a "universal exploit" for MS03-039 is out there and running.

According to the report, Windows XP SP1 with everything fixed is still likely to be exploited.

More later, if there's more later. µ

[BADROTOFINGER]

Huh?...JFK

[HAL9000]

Correct link to the Russian site - http://www.security.nnov.ru/search/document.asp?docid=5234

[Support Free Republic]

These Guys Don't Want You To Donate!
	Tick them off! Donate Here By Secure Server Or mail checks to FreeRepublic , LLC PO BOX 9771 FRESNO, CA 93794 or you can use PayPal at Jimrob@psnw.com
STOP BY AND BUMP THE FUNDRAISER THREAD- It is in the breaking news sidebar!

[Prodigal Son]

What's this about? Pink Floyd or a virus or something?

[My Favorite Headache]

One Slip and we all fall down the drain......

[HAL9000]

It's a "universal exploit" that could be modified to become a worm. No patch is available yet.

[Hawkeye's Girl]

What about Gibson's DCOMbobulator?

[Cicero]

Just so. The advantage of DCOMBobulator is that it doesn't just guard against known exploits. It turns off DCOM entirely, which closes a big security hole. Unless you are part of a corporate network that requires you to use DCOM, it's much better just to turn it off entirely instead of patching it each time a new virus comes out.

For instance, the default Windows settings configure your computer so someone else can control your Windows Media Player from another computer. Why is that necessary?

[sweetliberty]

Ping!

[lelio]

I can hear the song now "just another patch in the windows" (brick in the wall).