TechnologyAccounting SoftwareMicrosoft warns on three critical bugs

Microsoft warns on three critical bugs

Microsoft has warned Windows users of three 'critical severity' vulnerabilities present in the Remote Procedure Call service used in its Windows operating system.

Link: ‘Great Plains unscathed by flaws’

The company has also provided a new patch for the earlier security vulnerability in a Windows Distributed Component Object Model RPC interface.

The first two vulnerabilities uncovered yesterday could allow a buffer overflow to enable hackers to execute arbitrary code, while the third could result in a denial of service (DoS) attack.

An attacker could exploit these vulnerabilities by crafting a packet and sending it to a vulnerable server.

Doing so would either allow the attacker to execute code on the victim’s machine (buffer overflow vulnerability), or cause the machine to crash and restart (DoS vulnerability).

Microsoft warned a malicious attacker may use the buffer overflow vulnerability to execute code on the victim machine, gaining local system privileges on an affected system.

This would allow them to install programs, view, change or delete data, or create new accounts with full privileges.

The RPC service provides remote procedure calls between objects executing on two remote machines running the Windows operating system.

Microsoft said versions affected include:-

  • Windows NT 4.0 Server (buffer overflow vulnerability only)
  • Window NT 4.0, Terminal Server Edition (buffer overflow vulnerability only)
  • Windows 2000 (buffer overflow and DoS vulnerabilities)
  • Windows XP (buffer overflow vulnerability only)
  • Windows Server(TM) 2003 (buffer overflow vulnerability only)

Windows users are advised to update their systems with Microsoft patch available on the Microsoft web site at: http://www.microsoft.com/security/security_bulletins/ms03-039.asp

Related Articles

5 key tech innovations helping accountants transform their businesses

Accounting Software 5 key tech innovations helping accountants transform their businesses

3w Heather Darnell, Founder of Ask the BOSS
Finance and the tech foundation: what’s needed to deliver impactful business insights?

Accounting Software Finance and the tech foundation: what’s needed to deliver impactful business insights?

3m Workday | Sponsored
Best accounting software for businesses in the UK

Accounting Software Best accounting software for businesses in the UK

4m Accountancy Age, Reporters
Making sense of enterprise tech concepts for finance teams

Accounting Software Making sense of enterprise tech concepts for finance teams

4m Workday | Sponsored
Open Banking: what you need to know

Accounting Software Open Banking: what you need to know

4m Edward Berks, Xero
Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

6m Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

10m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

10m Alia Shoaib, Reporter