MS03-026 patched against 1 buffer overflow. MS03-039 patches against 3 new buffer overflows.
That means there are 4 problems in all. All 4 problems occur via DCOM over RPC. All 4 problems could be attacked in a similar fashion. All 4 problems (as they are likely to occur in an Internet-wide attack) can be thwarted by disabling DCOM. 2 of the 3 new problems can be turned into worms. If you applied MS03-026, you can still be attacked via the 3 problems patched by MS03-039. MS03-039 corrects all 4 known DCOM/RPC problems (that's what they mean when they say it "supercedes" MS03-026.) If you haven't patched, and are going to patch, patch with MS03-039. Anthony -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert Ahnemann Sent: Wednesday, September 10, 2003 20:31 To: [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] MS03-039 has been released - critical I ran the test program (as linked by MS) to see if the network showed as patched. I haven't patched any of the machines with the 039 code, but all are patched with the 026 one (original one as of July 16th) Does this exploit still work (as in leave a vuln) if we have patched 026? Might be a dumb question, but I bet other people are thinking it too. -----Original Message----- From: Exibar [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 12:42 PM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] MS03-039 has been released - critical anyone know of a 'sploit for this one yet? Or even proof of concept code? ----- Original Message ----- From: "Ryan, Pete" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 10, 2003 12:23 PM Subject: [Full-Disclosure] MS03-039 has been released - critical > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/ > bulletin/MS03-039.asp > > -Pete > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
