Please Scroll Down to See Forums Below
MICROSOFT Security hole, make sure your computers are patched ASAP
- Thread starter gsxr1000
- Start date
Lumberg said:
If you have a pirated copy of xp and can't install SP1 then you'll have to change your registration number first. MS is blocking commonly pirated numbers.
When you connect for an update you give them a code that they validate against known hacked codes. If yours is a common hack they don't let you proceed.
MarthaStewart
New member
If this is the RPC vulnerability, then you will also need a firewall blocking ports 135 and 445.
Otherwise, you can patch and still be open to a denial of service.
Even though you aren't being exploited directly post patch, the incoming data on those ports will still freeze a variety of things on your system.
Other options are using a Mac or a *nix box- which I would assume is more expense and hassle than apply patches and buying a $50 firewall/router/switch all in one deal like a Linksys or Netgear solution for home users.
Otherwise, you can patch and still be open to a denial of service.
Even though you aren't being exploited directly post patch, the incoming data on those ports will still freeze a variety of things on your system.
Other options are using a Mac or a *nix box- which I would assume is more expense and hassle than apply patches and buying a $50 firewall/router/switch all in one deal like a Linksys or Netgear solution for home users.
musclebrains
New member
It infected my computer yesterday. Big hassle, but the patch eliminates it promptly.
I speculated the same regarding firewalls, Martha, and my support droid disagreed.
I speculated the same regarding firewalls, Martha, and my support droid disagreed.
MarthaStewart
New member
For the general user on here, they aren't using RPC.
If you are in a corporate environment, then it is obviously more feasible that you are going to have machines talking to each other that need it.
Still, that only rules out the software firewall on that machine from blocking ports.
You can still put a firewall on the outside connction to block said ports from coming in.
And again, for those that have to get their word in, of course won't work if you are making remote procedure calls, then fine - you might have issues.
But I stand by my statement that the users on here aren't in need of those ports, and are better served by blocking them.
If you are in a corporate environment, then it is obviously more feasible that you are going to have machines talking to each other that need it.
Still, that only rules out the software firewall on that machine from blocking ports.
You can still put a firewall on the outside connction to block said ports from coming in.
And again, for those that have to get their word in, of course won't work if you are making remote procedure calls, then fine - you might have issues.
But I stand by my statement that the users on here aren't in need of those ports, and are better served by blocking them.
Similar threads
