Microsoft Security Bulletin MS03-026

[felix 0]

If you haven't already seen this, see it now. If it has already been posted, sorry about the re-post.

 

 

http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp

 

Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

Originally posted: July 16, 2003

 

Revised: July 21, 2003

 

Summary

Who should read this bulletin: Users running Microsoft ® Windows ®

 

Impact of vulnerability: Run code of attacker’s choice

 

Maximum Severity Rating: Critical

 

Recommendation: Systems administrators should apply the patch immediately

 

End User Bulletin: An end user version of this bulletin is available at:

 

http://www.microsoft.com/security/security_bulletins/ms03-026.asp.

 

Affected Software:

 

Microsoft Windows NT® 4.0

Microsoft Windows NT 4.0 Terminal Services Edition

Microsoft Windows 2000

Microsoft Windows XP

Microsoft Windows Server™ 2003

Not Affected Software:

 

Microsoft Windows Millennium Edition

[Mr.Guvernment 0]

many emails with viruses attached about this.

[felix 0]

I got my notification from "Mark Minasi's Windows Networking Tech Page

Issue #35 July 2003" received yesterday.

 

He seems fairly excited about it so I thought I'd tone it down a little and pass it on. His "Mastering Windows ........." series of books are very thorough so I figure if he's getting excited it's for a good reason.

 

Anyway, it's a 1mb patch from MS, so what harm can it do to install it?