Previous
Another Security Bug For Microsoft?
News It was a vulnerability in Microsoft's DCOM code that was used as the basis for the creation of the devastating Blaster worm. The latest glitch is in Window's DCOM code -- the same component of Windows targeted by the Blaster and Nachi worms in...
[October 15, 2003, 10:00]
Why You Must Install A Firewall -- Now review
Reviews Microsoft added DCOM to Windows NT, and eventually to Windows 95, around 1996. I mention this because Microsoft announced another critical flaw affecting DCOM RPC and released a new patch to fix it that supersedes the previous patch for this protocol.
[October 17, 2003, 11:30]
Preventing And Removing The Nachi Worm
News Nachi (w32.nachi.a, also known as Welchia, worm_msblast.d, and Sachi) exploits the same Microsoft DCOM RPC Windows flaw as MSBlast, but it removes traces of that worm and even downloads the correct version-specific DCOM RPC patch to prevent...
[August 20, 2003, 10:15]
Cleaning Up After The MSBlast Worm
News The worm exploits a widely publicised "DCOM" vulnerability found in several versions of Microsoft Windows. It is worth noting that an updated version of the worm could affect other Microsoft operating systems, so it is recommended that all systems...
[August 12, 2003, 14:59]
Microsoft Steers Away From Object Orientation
News Speaking at the Developing Software for the Future Microsoft Platform conference in London's Queen Elizabeth II Conference Centre on Monday, Microsoft software architect Don Box said the company will not invest much more in COM and DCOM...
[January 27, 2004, 15:30]
Finding Flaws Helpful - MS Security Chief
News During an interview with ZDNet Australia, software engineer George Stathakopoulos, who is responsible for ensuring Microsoft products are as secure as possible, said the "DCOM" vulnerability -- which was discovered by security group the Last Stage...
[August 6, 2003, 11:45]
Networks Must Counter Triple Threat
News Blaster takes advantage of a DCOM RPC vulnerability in newer Microsoft Windows operating systems. When it finds one, it attempts to exploit the DCOM RPC buffer overflow, create a remote root shell on TCP port 4444, then use FTP to download a file...
[August 21, 2003, 12:40]
Windows XP SP2 More Secure? Not So Fast review
Reviews Windows XP SP2 also makes important changes to core Windows components, such as DCOM and RPC (flaws within the DCOM RPC led to the damaging MSBlast attack last year). But Microsoft's much heralded Windows XP Service Pack 2 has finally arrived.
[August 17, 2004, 13:55]
Why Did MSBlast Fail To Take Down Microsoft?
News For example, blocking TCP port 135 on routers will stop MSBlast but also other software that makes use of the DCOM service, such as Microsoft Exchange. MSBlast, like most other worms, came shortly after the announcement of a DCOM Remote Procedure...
[August 28, 2003, 13:30]
Windows XP Service Pack 2 Security Technologies - Level 200
White Papers This in-depth discussion will examine how networking security is enhanced through Windows Firewall, RPC restrictions and DCOM improvements; how application memory is protected by the "no execute (NX)" feature; how browsing is made safer through...
[November 28, 2004, 23:00]
Windows XP Service Pack 2 Security Technologies-Level 200
White Papers This in-depth discussion will examine how networking security is enhanced through Windows Firewall, RPC restrictions and DCOM improvements; how application memory is protected by the "no execute (NX)" feature; how browsing is made safer through...
[January 7, 2005, 23:00]
TechNet Webcast: Windows XP Service Pack 2 Security Technologies - Level 200
White Papers This webcast will examine how networking security is enhanced through Windows Firewall, RPC restrictions and DCOM improvements; how application memory is protected by the "no execute (NX)" feature; how browsing is made safer through new Microsoft...
[August 11, 2005, 0:00]
Paessler WMI Tester
Downloads WMI is based on COM and DCOM and is integrated in Windows 2000, XP, 2003, Vista and later. Windows Management Instrumentation" is the latest technology from Microsoft for monitoring and managing Windows based systems.
[October 30, 2007, 3:01]
Build Next-generation Applications Now
News For example, applications written on a Microsoft platform that uses DCOM (Distributed Component Object Model) require "holes" that have to be punched in the firewalls to allow NetBIOS packets to pass through.
[June 6, 2002, 13:33]
Top 10 Reasons To Migrate To .Net
News In the past, the Microsoft architecture has been built on COM/DCOM, a binary standard for allowing cross-process communication. For example, Fujitsu has created netCOBOL .Net, which integrates directly into the IDE, so you can write Web services...
[November 19, 2002, 11:50]
Code Mishmash Drives MSBlast
News That program, known as dcom.c, attempts to use a vulnerability in a widely used component of the operating system that allows other computers to ask Windows systems to perform an action or service. Starting on Saturday, every computer infected with...
[August 13, 2003, 8:39]
Remote Tool Attacks Windows Servers
News The flaw is in the distributed component object model (DCOM) interface, a part of the OS that allows other computers to request the system to perform an action or service. By sending too much data to the DCOM interface, an attacker can cause the...
[August 4, 2003, 8:55]
Longhorn And The Linux Long-game
Talkback How many linux machines got hit by the dcom worm, and what were the machines microsoft set up to protect their website during the attacks running? Because of how vastly superior unix variants have performed for me, you couldn't pay me to go back to...
[April 18, 2005, 22:19]
Protecting Yourself From The MSBlast Worm
News The worm takes advantage of the Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface, which was patched in MS03-026, on 17 July, 2003. When it finds one, it attempts to exploit the DCOM RPC buffer overflow, create a...
[August 12, 2003, 10:15]
Sun's Ongoing War With Microsoft
News Microsoft had also spent years dealing with its own problems with versioning (aka "DLL Hell") and performance issues with its communications protocols (most notably DCOM). Despite getting a judge in its landmark case against Microsoft to grant a...
[February 25, 2003, 8:38]
