Network Associates' Gullotto seconded the warning by ISS. "This stack overflow is a significant vulnerability, and pretty easy to exploit," he said.
The second of the four bulletins released Tuesday, MS04-012, also grouped multiple vulnerabilities into one notice and patch update.
This cumulative security update includes four new vulnerabilities in the RPC/DCOM components of Windows -- the same modules that were exploited last summer by the havoc-wreaking MSBlast worm -- and the fix replaces all previous RPC/DCOM patches for Windows NT, 2000, XP, and Server 2003.
The most dangerous of the four new vulnerabilities is in the RPC Runtime Library, which could be exploited by an attacker who sends a specially crafted message to Windows. The hacker could take complete remote control of the system, although Microsoft said that the most likely result of an attack would be a denial of service, which would bring down Windows.
"The RPC/DCOM Runtime vulnerability should be of special concern to all users," said Gullotto. "There's great potential for another worm that exploits this."