Previous
DCOM Technical Overview
White Papers Microsoft's distributed COM (DCOM) extends the Component Object Model (COM) to support communication among objects on different computers-on a LAN, a WAN, or even the Internet. With DCOM, your application can be distributed at locations that make...
[July 12, 2007, 2:42]
Why you must install a firewall -- now review
Reviews I mention this because Microsoft announced another critical flaw affecting DCOM RPC and released a new patch to fix it that supersedes the previous patch for this protocol. MSBlast, the worm that exploited the buffer overflow in Windows' DCOM RPC...
[October 17, 2003, 11:30]
Cleaning up after the MSBlast worm
News It is worth noting that an updated version of the worm could affect other Microsoft operating systems, so it is recommended that all systems are patched against the DCOM vulnerability. The worm exploits a widely publicised "DCOM" vulnerability...
[August 12, 2003, 14:59]
Preventing and removing the Nachi worm
News Nachi (w32.nachi.a, also known as Welchia, worm_msblast.d, and Sachi) exploits the same Microsoft DCOM RPC Windows flaw as MSBlast, but it removes traces of that worm and even downloads the correct version-specific DCOM RPC patch to prevent...
[August 20, 2003, 10:15]
Finding flaws helpful - MS security chief
News During an interview with ZDNet Australia, software engineer George Stathakopoulos, who is responsible for ensuring Microsoft products are as secure as possible, said the "DCOM" vulnerability -- which was discovered by security group the Last Stage...
[August 6, 2003, 11:45]
Why did MSBlast fail to take down Microsoft?
News MSBlast, like most other worms, came shortly after the announcement of a DCOM Remote Procedure Call (RPC) vulnerability in Windows NT, 2000, and XP systems. For example, blocking TCP port 135 on routers will stop MSBlast but also other software...
[August 28, 2003, 13:30]
Networks must counter triple threat
News When it finds one, it attempts to exploit the DCOM RPC buffer overflow, create a remote root shell on TCP port 4444, then use FTP to download a file called msblast.exe onto the infected computer. Blaster takes advantage of a DCOM RPC vulnerability...
[August 21, 2003, 12:40]
Windows XP SP2 more secure? Not so fast review
Reviews Windows XP SP2 also makes important changes to core Windows components, such as DCOM and RPC (flaws within the DCOM RPC led to the damaging MSBlast attack last year). It's late. It's large. But Microsoft's much heralded Windows XP Service Pack 2...
[August 17, 2004, 13:55]
Build next-generation applications now
News For example, applications written on a Microsoft platform that uses DCOM (Distributed Component Object Model) require "holes" that have to be punched in the firewalls to allow NetBIOS packets to pass through.
[June 6, 2002, 13:33]
Microsoft steers away from object orientation
News Speaking at the Developing Software for the Future Microsoft Platform conference in London's Queen Elizabeth II Conference Centre on Monday, Microsoft software architect Don Box said the company will not invest much more in COM and DCOM...
[January 27, 2004, 15:30]
Another security bug for Microsoft?
News The latest glitch is in Window's DCOM code -- the same component of Windows targeted by the Blaster and Nachi worms in August -- but researchers are at this stage reluctant to call the flaw a full-blown exploitable vulnerability.
[October 15, 2003, 10:00]
Web Services Testing: A Primer
White Papers DCOM and CORBA traditionally achieved what web services are now offering but with an exception to interoperability, which they later provide in a true sense. In addition, COM+, DCOM (Distributed Component Object Model) implementations from...
[January 12, 2008, 0:01]
Flaw threatens major worm attack
Talkback The DCOM RPC Controller Service cannot be disabled unless you aren't using anything involved with the internet. "Patch quickly and disable the vulnerable service" The patches from Microsoft don't work and firewalls are usless if do not set them up...
[August 7, 2003, 20:30]
Aspectizing Middleware Platforms
White Papers Over the past decade, middleware platforms such as DCOM, CORBA, and .NET, have become increasingly popular, addressing software engineering problems for distributed application development. Often, the same functional middleware platform model has...
[January 3, 2009, 0:00]
Microsoft steers away from object orientation
Talkback A move away from COM/DCOM is not the same as a move away from object orientation! Please try to understand the subject before writing an article about it, otherwise you only end up making yourself look stupid.
[January 29, 2004, 11:36]
Configuring SAS9 for Application Development With ASP.NET
White Papers This paper describes how to configure the SAS DCOM settings and directory permissions to enable ASP.NET applications to launch SAS sessions. Integrating SAS functionality in server side processing of web applications is a commonly discussed topic.
[February 5, 2009, 0:00]
Protecting yourself from the MSBlast worm
News The worm takes advantage of the Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface, which was patched in MS03-026, on 17 July, 2003. When it finds one, it attempts to exploit the DCOM RPC buffer overflow, create a...
[August 12, 2003, 10:15]
Emco EventLog Audit Professional
Downloads EMCO EventLog Audit Professional uses a DCOM service that is automatically sent to the remote computers in order to collect the events. EMCO EventLog Audit Professional is a tool for scanning, storing, and manipulating event log data on a LAN.
[October 30, 2006, 13:53]
Migrating to a Service-Oriented Architecture: Know the Benefits, Consider the Risks, Plan for Success
White Papers Technologies to implement SOAs, such as DCOM and CORBA, have been around for quite a long time. Migrating from a systems-based architecture to an SOA means that the architecture consists of small and individual services, which can be reused while...
[May 9, 2008, 1:02]
Microsoft Security Update
Downloads The worm attempts to exploit the DCOM RPC vulnerability patched by MS03-026. The Microsoft Product Support Services Security Team is issuing this alert to inform customers about a new worm named W32.Blaster.Worm which is spreading in the wild.
[August 12, 2003, 8:00]
