RPC DCOM buffer overflow exploit

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Topkat

Thread Starter
Joined
Aug 10, 2003
Messages
401
When I visit hotmail.com to log on I have to switch my Sygate FW to 'Allow All' or else I get the following message:

" Browser Not Supported

Microsoft® .NET Passport no longer supports the Web browser version you are using. Please upgrade to a current Web browser, such as Microsoft Internet Explorer version 4.0 or later, or Netscape Navigator version 4.08 or later"

I can reset Security setting to normal once again as soon as the hotmail login site is loaded. When this happened this morning, I almost immediately got a warning from Sygate (see attach)

I have downloaded the recent windows update regarding RPC vunerability. But nevertheless, have been getting seeral of these warnings. Anyone got any ideas?
 

Attachments

Joined
Mar 20, 2003
Messages
4,823
Top cat, you might want to read

M$KB 302708 Some Web Site Services Do Not Work After You Upgrade to Internet Explorer 6

M$KB 301455 Unable to Log on to Web Site or Gain Access to Some Web Site Services

M$KB 813444 Troubleshoot Situations Where You Cannot Complete MSN Sign-up pr Connect to SSL Secured (128-Bit) Web Sites by Using Internet Explorer in Windows XP

It can also occur when your using an application like Norton Internet Security, AdSubtract Pro, Guidescope, Proxomitron, Webwasher, and the like to block Browser/User Agent information.

As a result a website can't identify your browser, and therefore assumes it is an unsupported version or type.
 

Topkat

Thread Starter
Joined
Aug 10, 2003
Messages
401
putasolution, thanks for the reply.

M$KB 302708 Some Web Site Services Do Not Work After You Upgrade to Internet Explorer 6
To work around this issue, configure your Internet Explorer privacy settings to Low or Accept All Cookies
I don't think lowering my security settings is a feasible option

M$KB 301455 Unable to Log on to Web Site or Gain Access to Some Web Site Services

In some cases, you may be able to work around this issue by upgrading to a later version of Internet Explorer or by uninstalling to use an earlier version of Internet Explorer.
After determining which browser version I am using it appears to be "6.00.2800.1106 Internet Explorer 6 Service Pack 1 (Windows XP SP1)". I am running Win2k SP4 though. Could this the cause of the problem? Should I uninstall IE6 and revert to an earlier version?


Also, I'm still curious about the RPC exploit that's been appearing in my firewall logs in last few days.
 

Topkat

Thread Starter
Joined
Aug 10, 2003
Messages
401
It's alright AcaCandy, I've got it sorted, well I hope so anyway.
Rollin' Rog has posted a link to one of Steve Gibson's app's to disable the DCOM and hopefully end these RPC vunerabilities
 

~Candy~

Retired Administrator
Joined
Jan 27, 2001
Messages
103,706
Cool, I thought initially they were saying that disabling wasn't a good idea..... :confused:

Another day, another solution :D
 

Topkat

Thread Starter
Joined
Aug 10, 2003
Messages
401
Well, that's the problem with the 'DCE/RPC DCOM buffer overflow exploit' warnings in my FW sorted.

Now I just need to know if I should be uninstalling IE6 as mentioned above so I can visit hotmail login page without having to disable my FW?

The reason I'm asking is because that is what left me open to RPC vunerability in the first place, and although I've disabled DCOM now, my port 135 is still open because I'm running Win2k (Aside from DCOM, port 135 is also held open by the Windows Task Scheduler and Distributed Transaction Coordinator (MSDTC) services under Windows NT/2000/XP/2003). And undoubtedly there'll be another hole MS have missed and next time I won't be so lucky.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top