|
ALARM Group ALERT ¿ click for a description of ALARM, The Computing Alert System
Alert Number: 101305-01
Alert Date: 10/13/05
Alert Title: Exploit released for Vulnerability detailed in October Microsoft security bulletin
Update-to:
101205-01 "TCP port 3372 blocked in response to Microsoft DTC and COM+ exploit"
101105-01 "Microsoft releases security bulletin for October"
OS/Platform/Application:
Windows Server 2003 (including Service Pack 1, x64 Edition, and SP1 for Itanium-based Systems)
Windows XP (Service Packs 1 and 2, also XP Professional x64 Edition)
Windows 2000 Service Pack 4
Windows Millennium Edition (Me)
Windows 98, 98 Second Edition (SE)
Category: UPDATE
Severity: HIGH
Attention: Windows System Administrators, Desktop Support Personnel |
Summary: Several Internet security monitoring and analysis agencies are reporting the public release at least one exploit that takes advantage of a vulnerability detailed in Microsoft Security Bulletin MS05-051. MS-05-051 was part of the October 11 release of monthly security updates provided by Microsoft (and is deemed as "critical" by the vendor). This bulletin deals with a vulnerability in the MSDTC and COM+ services.
Recommended Actions: Windows system managers and support personnel are strongly encouraged to read the bulletin (including all potential caveats) and (if appropriate) apply the patch AS SOON AS POSSIBLE as per the instructions provided by the vendor if they have not already done so.
ITS Actions: ITS Systems Management and Operations Staff will apply the patches to the appropriate ITS servers as part of the next scheduled system update. As detailed in Update 101205-01 "TCP port 3372 blocked in response to Microsoft DTC and COM+ exploit", TCP port 3372 remains blocked on the University's Internet Connection.
Resources:
Microsoft Security Bulletin MS05-051:
http://www.microsoft.com/technet/security/bulletin/MS05-051.mspx
