The bugs that caused the most serious damage
Uncovering and exploiting Windows vulnerabilities has become as sport for many, and in a number of cases, even a career. We've rounded up a list of the worst Windows flaws we've endured since the introduction of Windows 98
Billy Gates, stop making money! Make malware instead
Bug identifier: MS03-026
Description: Buffer overrun in RPC interface could allow code execution
Alias: The Blaster Worm bug
Date published: July 16 2003
The DCOM RPC interface is a common component of NT-based Windows OS's, including NT, 2000, XP, and Server 2003. In the summer of 2003, it became the subject of intense scrutiny.
As Microsoft described in the bulletin that accompanied the patch, a successful exploit only required the attacker to send a "specially formed request" to a vulnerable PC - a bit like dangling candy in front of a ravenously hungry baby.
By August 11, the Blaster worm arrived, and though it spread rapidly, it was fairly easy to block with a firewall. Unfortunately, protecting home systems with firewalls wasn't common practice at the time. Home users' PCs - connected directly to the internet - got trashed by the worm. When the worm's code crashed the infected computer's RPC service, the computer would display a message warning of imminent shutdown, and unceremoniously reboot itself.
The worm had another message, this one to Microsoft's founder, and embedded within its code: Billy gates why do you make this possible? Stop making money and fix your software!!
But it was fixed. Or at least it would have been if people had patched their systems.
At the end of the summer, Microsoft released a second set of updates in MS03-039 that blocked additional ports that attackers could use to mess with the RPC service.
Upshot: We're all in better shape thanks to the wide adoption of firewalls in the home. Thanks in part to Blaster and its ilk, most broadband modems have one built in.
NEXT PAGE: The sassy bug with a lot of spunk
- These bugs caused serious damage
- Total server control with a single URL
- The Code Red bug
- The fastest infection ever
- The Blaster Worm bug
- The sassy bug with a lot of spunk
- Drive-by downloads
- The component that keeps on giving (headaches)