ALARM Group ALERT (ALARM, The Computing Alert System)
Alert Number: 101205-01
Alert Date: 10/12/05
Alert Title: TCP port 3372 blocked in response to Microsoft DTC and COM+ exploit
Update-to: ALERT 101105-01 "Microsoft releases security bulletin for October"
OS/Platform/Application:
Windows Server 2003 (including Service Pack 1, x64 Edition, and SP1 for Itanium-based Systems)
Windows XP (Service Packs 1 and 2, also XP Professional x64 Edition)
Windows 2000 Service Pack 4
Windows Millennium Edition (Me)
Windows 98, 98 Second Edition (SE)
**ALSO ANY CUSTOM OR NON-MICROSOFT APPLICATIONS THAT USE TCP PORT 3372**
Category: UPDATE
Severity: N/A
Attention: Windows System Administrators, Desktop Support Personnel, Application Developers
Summary: At approximately 8:45 today (October 12), Telecommunications Staff blocked ingress/egress access for TCP port 3372 on the University's Main Internet connection. This action was performed in keeping with the recommendations of several Internet Security Agencies and represents an effort to minimize the potential for Internet-based exploitation of UNPATCHED University computers via a vulnerability detailed in Microsoft Security Bulletin MS05-051.
Recommended Actions: This block is not intended to supplant the installation of patch MS05-051 on all vulnerable University computers. TCP port 3372 is most widely known to be used by Microsoft Distributed Transaction Coordinator (MSDTC) and Component Object Model/Microsoft Transaction Server (collectively referred to as "COM+"). It is possible that some non-Microsoft applications (commercial or custom-developed) may also use TCP port 3372 as part of their communications process. If you manage or maintain an application that began experiencing Internet connectivity problems at 8:45 on 10/12/05, please contact the Telecommunications Service Center at telecom@uamail.albany.edu and reference ALARM Update 101205-01.
ITS Actions: As above.
Resources:
Security Bulletin MS05-051 **CRITICAL** Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/MS05-051.mspx
Microsoft MSDTC Configuration Info:
http://support.microsoft.com/default.aspx?scid=kb;en-us;290624
Microsoft COM+:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/complus_anchor.asp