We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

The 8 most dangerous Windows vulnerabilities

The bugs that caused the most serious damage

Uncovering and exploiting Windows vulnerabilities has become as sport for many, and in a number of cases, even a career. We've rounded up a list of the worst Windows flaws we've endured since the introduction of Windows 98

Billy Gates, stop making money! Make malware instead

Bug identifier: MS03-026
Description: Buffer overrun in RPC interface could allow code execution
Alias: The Blaster Worm bug
Date published: July 16 2003

The DCOM RPC interface is a common component of NT-based Windows OS's, including NT, 2000, XP, and Server 2003. In the summer of 2003, it became the subject of intense scrutiny.

As Microsoft described in the bulletin that accompanied the patch, a successful exploit only required the attacker to send a "specially formed request" to a vulnerable PC - a bit like dangling candy in front of a ravenously hungry baby.

By August 11, the Blaster worm arrived, and though it spread rapidly, it was fairly easy to block with a firewall. Unfortunately, protecting home systems with firewalls wasn't common practice at the time. Home users' PCs - connected directly to the internet - got trashed by the worm. When the worm's code crashed the infected computer's RPC service, the computer would display a message warning of imminent shutdown, and unceremoniously reboot itself.

The worm had another message, this one to Microsoft's founder, and embedded within its code: Billy gates why do you make this possible? Stop making money and fix your software!!

But it was fixed. Or at least it would have been if people had patched their systems.

At the end of the summer, Microsoft released a second set of updates in MS03-039 that blocked additional ports that attackers could use to mess with the RPC service.

Upshot: We're all in better shape thanks to the wide adoption of firewalls in the home. Thanks in part to Blaster and its ilk, most broadband modems have one built in.

NEXT PAGE: The sassy bug with a lot of spunk

  1. These bugs caused serious damage
  2. Total server control with a single URL
  3. The Code Red bug
  4. The fastest infection ever
  5. The Blaster Worm bug
  6. The sassy bug with a lot of spunk
  7. Drive-by downloads
  8. The component that keeps on giving (headaches)

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...