News

Microsoft Patches RPC Vulnerability Affecting NT 4

Microsoft Corp. this week patched a hole in Windows NT 4.0’s RPC service that leaves NT systems vulnerable to Denial-of-Service (DoS) attacks.

In a bulletin that it dispatched to members of its security listserv, the software giant acknowledged that an attacker who sends a particular kind of malformed data to port 135 – the default port on which RPC’s endpoint mapper “listens” for RPC requests – can cause the RPC service running on Windows NT 4.0 to fail.

Microsoft stressed that Windows 2000 and Windows XP systems are not affected by this vulnerability.

Most Windows-based applications leverage RPC to some extent. The primary services provided by Microsoft’s Exchange mail and messaging and SQL Server database platforms, in particular, are facilitated by RPC. The software giant’s IIS Web server platform, on the other hand, leverages RPC only as a means to provide management facilities. In this regard, IIS’ ability to serve Web pages would not be affected by an attack of this kind.

An attacker who exploits a vulnerability of this kind could cause all RPC-related services to fail. Administrators would then need to reboot an affected system to restore it to normal operation.

Security best practices require that Windows NT systems running Exchange and SQL Server be isolated behind firewalls. Many firewalls restrict access to port 135 by default, and most firewall hardening guidelines advise that external access to this port be restricted. As a result, Microsoft confirms, IT organizations who’ve taken these precautions should only be vulnerable to attacks from within.

Microsoft provided a patch for this vulnerability.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Deprecating Windows To Go

    Microsoft plans to put an end to its Windows To Go product in the near future, according to a Friday support article.

  • Microsoft Releases Hyper-V Server 2019 After Long Delay

    Acknowledging that the release took "way too long," Microsoft has made Hyper-V Server 2019 available for download from the Microsoft Evaluation Center page.

  • Forklift Container

    A Better Way To Upgrade Hyper-V Storage

    It's time again for Brien to perform a major storage upgrade on his Hyper-V hosts. But this time, he's taking a new approach.

  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.