1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

RPC DCOM buffer overflow exploit

Discussion in 'Virus & Other Malware Removal' started by Topkat, Sep 13, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Topkat

    Topkat Thread Starter

    Joined:
    Aug 10, 2003
    Messages:
    401
    When I visit hotmail.com to log on I have to switch my Sygate FW to 'Allow All' or else I get the following message:

    " Browser Not Supported

    Microsoft® .NET Passport no longer supports the Web browser version you are using. Please upgrade to a current Web browser, such as Microsoft Internet Explorer version 4.0 or later, or Netscape Navigator version 4.08 or later"

    I can reset Security setting to normal once again as soon as the hotmail login site is loaded. When this happened this morning, I almost immediately got a warning from Sygate (see attach)

    I have downloaded the recent windows update regarding RPC vunerability. But nevertheless, have been getting seeral of these warnings. Anyone got any ideas?
     

    Attached Files:

  2. putasolution

    putasolution

    Joined:
    Mar 20, 2003
    Messages:
    4,823
    Top cat, you might want to read

    M$KB 302708 Some Web Site Services Do Not Work After You Upgrade to Internet Explorer 6

    M$KB 301455 Unable to Log on to Web Site or Gain Access to Some Web Site Services

    M$KB 813444 Troubleshoot Situations Where You Cannot Complete MSN Sign-up pr Connect to SSL Secured (128-Bit) Web Sites by Using Internet Explorer in Windows XP

    It can also occur when your using an application like Norton Internet Security, AdSubtract Pro, Guidescope, Proxomitron, Webwasher, and the like to block Browser/User Agent information.

    As a result a website can't identify your browser, and therefore assumes it is an unsupported version or type.
     
  3. Topkat

    Topkat Thread Starter

    Joined:
    Aug 10, 2003
    Messages:
    401
    putasolution, thanks for the reply.

    M$KB 302708 Some Web Site Services Do Not Work After You Upgrade to Internet Explorer 6
    I don't think lowering my security settings is a feasible option

    M$KB 301455 Unable to Log on to Web Site or Gain Access to Some Web Site Services

    After determining which browser version I am using it appears to be "6.00.2800.1106 Internet Explorer 6 Service Pack 1 (Windows XP SP1)". I am running Win2k SP4 though. Could this the cause of the problem? Should I uninstall IE6 and revert to an earlier version?


    Also, I'm still curious about the RPC exploit that's been appearing in my firewall logs in last few days.
     
  4. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
  5. Topkat

    Topkat Thread Starter

    Joined:
    Aug 10, 2003
    Messages:
    401
    It's alright AcaCandy, I've got it sorted, well I hope so anyway.
    Rollin' Rog has posted a link to one of Steve Gibson's app's to disable the DCOM and hopefully end these RPC vunerabilities
     
  6. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Cool, I thought initially they were saying that disabling wasn't a good idea..... :confused:

    Another day, another solution :D
     
  7. Topkat

    Topkat Thread Starter

    Joined:
    Aug 10, 2003
    Messages:
    401
    Well, that's the problem with the 'DCE/RPC DCOM buffer overflow exploit' warnings in my FW sorted.

    Now I just need to know if I should be uninstalling IE6 as mentioned above so I can visit hotmail login page without having to disable my FW?

    The reason I'm asking is because that is what left me open to RPC vunerability in the first place, and although I've disabled DCOM now, my port 135 is still open because I'm running Win2k (Aside from DCOM, port 135 is also held open by the Windows Task Scheduler and Distributed Transaction Coordinator (MSDTC) services under Windows NT/2000/XP/2003). And undoubtedly there'll be another hole MS have missed and next time I won't be so lucky.
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/164513

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice