Windows RPC Vulnerability Fix - Positive Software Corporation

Leftb
Spacer Windows RPC Vulnerability Fix Spacer
Spacer Spacer Spacer
Spacer
Spacer Spacer Spacer
Spacer


A vulnerability was recently discovered in RPC Interface on Windows servers, which can be exploited by attackers to run code with Local System privileges.

You can tell your server has been hacked if:

  • The RPC Service is stopped
  • When domain applications are created, the user gets the following error in the browser:
    Server Application Error
    The server has reached the maximum recovery limit for the application during the processing of your request.

To recover WinBox from an attack:

  1. Start the RPC service
  2. Kill the inetinfo.exe process
  3. From the command prompt, run:
    iisreset /restart
  4. Restart hsphere by running:
    NET STOP HSSVC
    NET START HSSVC

To correct this vulnerability, install the corresponding patch published in the Microsoft Security Bulletin MS03-026.

Spacer


Spacer
Home   Products   Services   News  
Spacer
© Copyright. . PSOFT. All Rights Reserved. Terms | Site Map