FYI: Critical Security Update for Microsoft Windows Dear Microsoft Technology Partner: On July 16, 2003, Microsoft(r) released a critical security bulletin (MS03-026) and a software patch (http://go.microsoft.com/?linkid=210348) to address a vulnerability in the Windows(r) operating system that could allow code execution. The incident has been widely reported in the press and the patch has been made available to Microsoft customers and partners. If you were not aware of this bulletin and corresponding patch, we urge you get the information now (http://go.microsoft.com/?linkid=210349) and determine if you are running an affected version of the Windows operating system. If your systems are vulnerable, please apply this patch as soon as possible. We also encourage you to contact your customers and advise them of the Microsoft bulletin and corresponding patch. Although we encourage you to pay attention to all security bulletins and to deploy patches in a timely manner, we want to call special attention to this particular instance. We have become aware of some activity on the Internet that we believe increases the likelihood of exploiting this vulnerability. Specifically, code has been published on several Web sites that would allow someone to spread a worm or virus that takes advantage of the vulnerability in question, thereby affecting your computing environment. It is our goal to produce the most secure and dependable technology possible, but we become aware of these types of vulnerabilities. To minimize the risks of such vulnerabilities to your computing environment, we encourage you and your customers to subscribe to two services that Microsoft provides: * The Windows Update service (http://go.microsoft.com/?linkid=210350) * The Microsoft Security Notification service. (http://go.microsoft.com/?linkid=210351) By subscribing to these two services you will automatically receive information on the latest software updates and the latest security notifications, improving the likelihood that your computing environment will be safe from worms and viruses. We apologize for any inconvenience the implementation of this patch might cause but appreciate you taking the time to update your system. Thank you, Microsoft Corporation _____ Brian Claus, A+, Network+, MCP Network Administrator WESCO Distribution, Inc. 225 West Station Square Drive, Suite 700 Pittsburgh, PA 15219-1122 Phone: 412-454-2412 Fax: 412-454-2540 bclaus@xxxxxxxxxxxxx <mailto:bclaus@xxxxxxxxxxxxx> _____ -----Original Message----- From: Ryan Lambert [mailto:rlambert@xxxxxxxxxxxxxxx] Sent: Friday, August 01, 2003 11:06 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: *** RPC ALERT *** We got hit. John, Basic FW filtering should mitigate this relatively effectively? -----Original Message----- From: John Twilley [mailto:John.Twilley@xxxxxxxxxxxxxxxxxxxxx] Sent: Friday, August 01, 2003 11:00 AM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] *** RPC ALERT *** We got hit. Importance: High Just a heads up... You all have heard on the RPC exploit that effects Win NT/2000/XP/2003. We just got a taste of it in our Italy office...and it is BAD! VERY BAD. Win XP / 2000 / 2003 You will notice that the DEFAULT recover setting for the RPC service is to (Drum-Roll) RESTART the server after 1 minute. Guess what, it does. Server restarts every couple of minutes. WOW. Take it from me... PATCH EVERYTHING NOW. Yes. Everything. More Details. http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti n/MS 03-026.asp ******************************************************** This weeks sponsor - RTOSoft TScale Complaints about applications response time - DO SOMETHING ABOUT IT! TScale 2.0 improves applications response time and increases terminal server capacity. Really get MORE from your existing servers! Free eval: http://www.rtosoft.com/enter.asp?id=130 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This weeks sponsor - RTOSoft TScale Complaints about applications response time - DO SOMETHING ABOUT IT! TScale 2.0 improves applications response time and increases terminal server capacity. Really get MORE from your existing servers! Free eval: http://www.rtosoft.com/enter.asp?id=130 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This weeks sponsor - RTOSoft TScale Complaints about applications response time - DO SOMETHING ABOUT IT! TScale 2.0 improves applications response time and increases terminal server capacity. Really get MORE from your existing servers! Free eval: http://www.rtosoft.com/enter.asp?id=130 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm