Notices
NSC-030910: Critical Security Update Information
Microsoft today issued Critical security bulletin MS03-039 in response to newly discovered RPC vulnerabilities in Windows. This flaw is similar to the ones exploited in August (the Blaster and Welchia (Nachi) worms, etc.). Exploits that take advantage of this flaw are expected to be launched very soon.
Things you need to know:
1.) All workstations and servers running Windows NT 4.0, Windows 2000, Windows XP, or Windows Server 2003 MUST BE PATCHED AGAIN. Users must perform a "Windows Update", or IT support staff must push updates to all machines and/or visit every machine to update them. A mass mailing to all faculty, staff, and students will be sent out this afternoon with instructions to update Windows computers immediately.
2.) The UI will block the remaining Microsoft networking/communication ports at the campus border later today, for added protection against the expected exploits, based on recommendations from Microsoft. (The newly blocked ports will be 137, 138, and 593. The ports already being blocked are 135, 139, and 445.) This is not expected to have a noticeable effect on computer operations.
3.) The patch for MS03-039 supersedes the MS03-026 patch that you applied in August with the RPCFIX tool, so we have removed those old updates from the RPCFIX tool. You need to discard all copies of RPCFIX version 1.4 or earlier that you have. The new version 1.5 of the RPCFIX tool will run the cleaners to remove known exploits, but will *not* install updates (patches) onto computers. You need to use Windows Update for that purpose so that you get the correct combination of patches.
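For support staff who keep their own departmental filters, the following added example (not part of the original notice or of any UI tool) audits an access list for the six ports named in item 2, applying first-match-wins ordering. The Cisco-IOS-style rule syntax, the sample ACL, and checking both TCP and UDP are assumptions; the notice does not name the border device or the protocols.

```python
import re

# Ports from the notice. It names no protocol, so this example checks
# both TCP and UDP for every port (an assumption).
ALREADY_BLOCKED = (135, 139, 445)
NEWLY_BLOCKED = (137, 138, 593)

# Models only "any any" rules with numeric eq/range port qualifiers.
RULE = re.compile(r"^\s*(permit|deny)\s+(tcp|udp|ip)\s+any\s+any"
                  r"(?:\s+(eq|range)\s+([\d\s]+?))?\s*$")

# Constructed sample, not the campus border configuration.
SAMPLE_ACL = """\
deny tcp any any eq 135
deny udp any any eq 135
deny tcp any any eq 139
deny tcp any any eq 445
deny udp any any range 137 138
permit ip any any
"""

def first_match_actions(acl_text, ports=ALREADY_BLOCKED + NEWLY_BLOCKED):
    """Map (proto, port) to the action of the first rule that matches it."""
    result = {(pr, po): "no-match" for pr in ("tcp", "udp") for po in ports}
    for line in acl_text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # remark, blank line, or a rule form not modelled here
        action, proto, op, nums = m.groups()
        values = [int(n) for n in nums.split()] if nums else []
        if op == "range" and len(values) != 2:
            continue  # malformed range
        for (pr, po), seen in result.items():
            if seen != "no-match" or proto not in ("ip", pr):
                continue  # already decided by an earlier rule, or wrong protocol
            if op == "eq" and po not in values:
                continue
            if op == "range" and not values[0] <= po <= values[1]:
                continue
            result[(pr, po)] = action
    return result

def gaps(acl_text):
    """Return the (proto, port) pairs the ACL does not explicitly deny."""
    actions = first_match_actions(acl_text)
    return sorted(key for key, action in actions.items() if action != "deny")

if __name__ == "__main__":
    for proto, port in gaps(SAMPLE_ACL):
        print(f"not denied at border: {proto}/{port}")
```

A broad permit placed above the deny lines shadows them, so rule order matters as much as the port list.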
Please urge users and support staff to apply all current critical updates to Windows computers. Those departments and units that were diligent about applying patches when it was recommended late in July felt little or no effect from the trojan, worm, and virus activity, and avoided most of the network disruptions in August!
See the technical version of the MS03-039 details at:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-039.asp
See the end-user version of the MS03-039 details at:
http://www.microsoft.com/security/security_bulletins/ms03-039.asp
If you have any questions, please contact the ITS Help Desk at 384-HELP, or the IT Security Office at 335-6332.