A new critical Microsoft flaw
I mention this because Microsoft announced another critical flaw affecting DCOM RPC and released a new patch to fix it that supersedes the previous patch for this protocol. While there are still no public exploits that take advantage of this flaw (exploits are often precursors to major worms), the clock is ticking. History has shown that worms are usually released within 30 days of a major vulnerability announcement. In July, for example, Microsoft reported and patched a buffer-overflow vulnerability in RPC based on the work of the Last Stage of Delirium Research Group. The MSBlast worm, which capitalised on this vulnerability, appeared on August 12.
Genderuwo Dibelakangku
