ISS X-Force has just released a Security Advisory titled, "Microsoft RPC Race Condition Denial of Service". This issue was discovered internally at ISS and soon after by various third parties. ISS notified Microsoft of the vulnerability yesterday and ISS initiated the accelerated disclosure process documented in our X-Force Vulnerability Disclosure Guidelines (http://documents.iss.net/literature/vulnerability_guidelines.pdf) in response to publication of functional tools to exploit the DoS condition and public discussions of the vulnerability. Also, please note that this vulnerability is not a new attack vector against MS03-039 patch-level systems (as reported elsewhere), but a new issue entirely relating to thread management and incoming RPC requests.
Regards, =============================== Daniel Ingevaldson Engineering Manager, X-Force R&D [EMAIL PROTECTED] 404-236-3160 Internet Security Systems, Inc. The Power to Protect http://www.iss.net =============================== _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
