Today subscribers of Microsoft's official security mailing list received what seems like the beginning of the next script kiddies golden age. Microsoft have discovered a critical (Aye, brothers, indeed!) buffer overflow in the Remote Procedure Call service. Affected OS's range from NT 4.0 to their latest goliath -- Windows Server 2003, including 2000 and XP. For more information read the details, for the impatient , here's the download link, patch immediately (!) if affected: http://www.microsoft.com/technet/security/...in/ms03-026.asp
The Remote Procedure Call (RPC), which provides network interoperability and running by default on most win32 OS's (don't flame if I'm incorrect on the all part, please, urgency requires immediate release) is affected by a buffer overflow condition. Since the RPC service runs with SYSTEM privileges, this translates into disaster. The issue is as bad as some of the worst IIS 4.0 flaws, perhaps even worse. The topic has not been as of yet discussed on Security Focus's bugtraq list, so it is my guess Microsoft discovered the issue by internal means. At any rate, there's an exploit coming for this one any time soon so any and all users running Windows NT 4.0, 2000, XP and 2003 are to apply the referenced patch IMMEDIATELY and WITHOUT DELAY.
Common logic sugests this flaw is as old as Windows NT 4.0, draw your own conclusions. For those fine citizens of Mongola and those without technical security sk|11z the bottom line is: if you don't patch, in the next couple of weeks if not hacked, then you'll most probably become the victim of a worm. Yes, it's that serious.
View: Microsoft Security Bulletin MS03-026 for patch & details
The Remote Procedure Call (RPC), which provides network interoperability and running by default on most win32 OS's (don't flame if I'm incorrect on the all part, please, urgency requires immediate release) is affected by a buffer overflow condition. Since the RPC service runs with SYSTEM privileges, this translates into disaster. The issue is as bad as some of the worst IIS 4.0 flaws, perhaps even worse. The topic has not been as of yet discussed on Security Focus's bugtraq list, so it is my guess Microsoft discovered the issue by internal means. At any rate, there's an exploit coming for this one any time soon so any and all users running Windows NT 4.0, 2000, XP and 2003 are to apply the referenced patch IMMEDIATELY and WITHOUT DELAY.
Common logic sugests this flaw is as old as Windows NT 4.0, draw your own conclusions. For those fine citizens of Mongola and those without technical security sk|11z the bottom line is: if you don't patch, in the next couple of weeks if not hacked, then you'll most probably become the victim of a worm. Yes, it's that serious.
View: Microsoft Security Bulletin MS03-026 for patch & details
Since ALL other holographic storage technology use a spatial light modulator (SLM) which writes one complete page of data at a time. The data must loaded serially to the SLM and is destructively written so any mistakes on the serial loaded SLM means increased wasted write data time. This method is great for WORM data storage but when BIT FOR BIT Erase / Write / and Read of random data to a disk is needed in real time day to day applications the SLM concept will NOT be able to function.
Colossal Storages method for writing is like having billions of vertical spatial light modulated pages in one rewritable ferroelectric track, each track having billions of SLM's. Imagine having billions of SLM on the disk where the data is written / read in bit / byte / word accurately every time at atomic light speeds.
Ferroelectric non-linear photonic bandgap crystals offer the possibility of controlling and manipulating light within a UV/Deep Blue frequency. The small size of ferroelectric photonic bandgap structures makes it possible to fabricate transparent optical devices like volume atomic holographic storage having both positive and negative index of refraction.
Colossal Storage has over 1200 of the world's best scientist wanting to prove the patent and holographic concepts of the infinite rewritable random access nanotechnology.
Patents covers techniques and functions for controlling ferroelectric perovskite high-K dielectric binary dipole molecules properties which can be used for atomic holographic optical mass storage of data. The patents deal with techniques for fast data transfer read/write control of ferroelectric molecules which have a data retention life of >100 years.
Colossal Storage patents for ferroelectric optical storage wants to raise data storage densities > 40,000 terabits/cubic centimeter.
One 3.5 in FeDisk will = 20,000 DVD's or 4,000 Blu-ray disks
NANOTECHNOLOGY using Photon/Laser Induced Electric Field Poling Theory Invented by Michael E. Thomas has many other Non-Contact transparent nanophotonic or nanomolecular uses as per the NanoApplications examples below using our Patented NanoTechnology
- 3D Holographic Interactive Multimedia Storage Tablet
- Multiple different boot operating systems on common CPU platform
- 2D/3D Rewritable Atomic Holographic Removable Disk/Card/Drum/Paper
- 2D/3D Rewritable Holographic Disk/Card/Drum VCR
- 2D/3D Rewritable Holographic Camera/Photography/Profilometer
- 2D/3D Rewritable Atomic Holographic Maskless Lithography and Xerography Tool for 3D NanoPrinting and 3D NanoImprinting
- Programmable 3D Holographic In Circuit Telecommunications, Waveguides and Microwave NanoOptoTransceiver Communication Equipment
- 3D Programmable UV/deep blue Laser Photon Emitter Source
- Re-Programmable 3D Holographic Optical Murals and Window Glass of any size for home, office, museum, skyscraper, and movie theatres
- 3D Holographic Programmable Camouflage Coatings and Programmable Holographic Stealth Photonic Invisibility
- 3D Programmable Holographic NanoSwitch for High Speed Bi-direction Optical Transmission & Receiver Optical Network Telecommunications
- In circuit Re-Programmable Atomic Holographic Photonic Crystal Multiplexers for a wide range of light frequencies
- 2D/3D Programmable MEMS/NEMS and Nanooptical Reflective Switches
- 2D/3D RE-Programmable Transparent Optical Nanomotors, Nanoconveyors, Nanoneedles, Nanosensors, and Nanovalves
- 2D/3D Holographic Programmable Transparent Optical Nanowiring
- 2D/3D Transparent Photonic Optical NLO Crystal NanoTransistor to densities > 40,000 tera-transitors/cu.cm.
- 3D Optical, Laser, Photon, Molecular , or Atomic Computers
- Anthrax / SARS and other molecules bioparticle detection and classification
- 3D Photonic Nanocontrolled Biological Particle/Molecule containing ferroelectric perovskites for detection, sampling, monitoring, counterfeit
- 2D/3D Non-Contact Optical Electrophoresis
- 2D/3D NanoCeramic Extreme High Temperature Coatings
- 2D/3D Holographic NanoIntegrated Circuit Photolithography for rewritable in circuit reformation fabrication of existing Optical Nanocircuits
- 2D/3D Photonic/Molecular/Atomic NanoSwitches for Broadband Telecommunications
- 2D/3D Optical NanoLight Valves and NanoRelays
- 2D/3D Precision Reprogrammable Holographic NanoLenses
- 2D/3D Programmable Atomic Holographic Light Filters having both positive and negative index of refraction.
- 2D/3DProgrammable Holographic Transparent Optical Wiring
- 2D/3D Identification Tags / Badges for Products, Identification Cards for DMV / SSN / INS / Passports / Birth Certificates , Counterfeit Money Protection, Money Orders / Credit Cards / Travellars Checks / Tickets, Music and Film Industry and other Copyrighted sources for 100 % Absolute 2D/3D Protection from Intellectual Property (IT) Theft
- 3D Spintronics and Quantum Molecular Computing.
Michael E. Thomas
Colossal Storage Corporation
www.colossalstorage.net
happy *looks down* edited for b**ching content
Last edited by 26925 on 16 Jul 2003 - 20:49
I wonder what his reaction would be if MS didn't have a patch for this RIGHT NOW. Some people just don't know when to back off.
ive been through 2 court cases involving hackers and my internet/money/software so how about you **** *** . i can complin all i wish because it s my god given right i thankyou very much
^_^ rightio that solved back to me again
1. Acknowledgments
Microsoft thanks The Last Stage of Delirium Research Group for reporting this issue to us and working with us to protect customers. (Fun, isn't it? This also means it was reported to them about at least 3 months ago, and God knows what sort of thief & mischief the black hats with private 0 dayz have been up to during that time)
2. Yes, I know it's spelled suggest, and I owe a formal apology to the entire Monoglian nation for misspelling their country name
...
I do not know much about firewalls and TCP/IP.
lets say that I got a firewall that redirects all ports to my pc, but I want to filter out only the ports affected by this vunerability and the messenger service, which ports would need to be blocked?
thanks.
In theory everything can be hacked given enough time, talent, and resources (more of a fact really); so the more layers of difficulty that you provide, the better your chances are of keeping the "script kiddies" out. Just like submarines compartmentalize their structure so that if the hull is breached the water can be contained; so should a solid infrastructure be built.
Of course if the only box you have to protect is your own personal workstation; then a breach which might result in an OS format/reinstall doesn't carry the same weight as does potentially hacking a corporate infrastructure.
OH NO! This must be the first time in history our computers have been exposed to worms?
Honestly, this is just another patch, not as serious as people would like to have us believe.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.