Microsoft released three security bulletins today regarding three problems in Windows platforms, one of which Microsoft considers critical; the other two are considered important.
The remote procedure call (RPC) interface contains an unchecked buffer that could let intruders execute the code of their choice on unprotected systems. Blocking port 135 helps protect against the vulnerability, as does disabling DCOM by using dcomcnfg.exe. The problem affects Windows Server 2003, Windows XP, Windows 2000, and Windows NT. Microsoft has made patches available for all OSs. You can read more about the problem and find links to the patches in Microsoft Security Bulletin MS03-026 (Buffer Overrun In RPC Interface Could Allow Code Execution.) The patch will also be included in Windows 2003 Service Pack 1 (SP1), XP SP2, and Win2K SP5.
Another unchecked buffer was discovered in the Windows shell; it could also let intruders run code of their choice. However, because the shell runs in the security context of the logged-on user, Microsoft considers the problem to be "important" instead of critical. The problem only affects XP SP1 systems (but not XP Gold). You can download the path from Microsoft Security Bulletin MS03-027, (Unchecked Buffer in Windows Shell Could Enable System Compromise) and it will also be included in XP SP2.
The third problem allows cross-site scripting using error pages included with Microsoft Internet Security and Acceleration (ISA) Server. Because of a flaw in the way some of the error pages are encoded, a malicious user could cause a script to execute on a user's system. Microsoft released a patch for ISA Server systems with SP1 or Feature Pack 1 installed. The patch is linked in Security Bulletin MS03-028 (Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack) and will also be included in the next ISA Server service pack.
