We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,088 News Articles

The 8 most dangerous Windows vulnerabilities

The bugs that caused the most serious damage

Uncovering and exploiting Windows vulnerabilities has become as sport for many, and in a number of cases, even a career. We've rounded up a list of the worst Windows flaws we've endured since the introduction of Windows 98

Billy Gates, stop making money! Make malware instead

Bug identifier: MS03-026
Description: Buffer overrun in RPC interface could allow code execution
Alias: The Blaster Worm bug
Date published: July 16 2003

The DCOM RPC interface is a common component of NT-based Windows OS's, including NT, 2000, XP, and Server 2003. In the summer of 2003, it became the subject of intense scrutiny.

As Microsoft described in the bulletin that accompanied the patch, a successful exploit only required the attacker to send a "specially formed request" to a vulnerable PC - a bit like dangling candy in front of a ravenously hungry baby.

By August 11, the Blaster worm arrived, and though it spread rapidly, it was fairly easy to block with a firewall. Unfortunately, protecting home systems with firewalls wasn't common practice at the time. Home users' PCs - connected directly to the internet - got trashed by the worm. When the worm's code crashed the infected computer's RPC service, the computer would display a message warning of imminent shutdown, and unceremoniously reboot itself.

The worm had another message, this one to Microsoft's founder, and embedded within its code: Billy gates why do you make this possible? Stop making money and fix your software!!

But it was fixed. Or at least it would have been if people had patched their systems.

At the end of the summer, Microsoft released a second set of updates in MS03-039 that blocked additional ports that attackers could use to mess with the RPC service.

Upshot: We're all in better shape thanks to the wide adoption of firewalls in the home. Thanks in part to Blaster and its ilk, most broadband modems have one built in.

NEXT PAGE: The sassy bug with a lot of spunk

  1. These bugs caused serious damage
  2. Total server control with a single URL
  3. The Code Red bug
  4. The fastest infection ever
  5. The Blaster Worm bug
  6. The sassy bug with a lot of spunk
  7. Drive-by downloads
  8. The component that keeps on giving (headaches)

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews


IDG UK Sites

Windows 9 release date, price, features: Microsoft teases new OS ahead of 30 September unveiling

IDG UK Sites

From the iPhone 6 to the iWatch and a new Apple TV we look at the products Apple is set to launch...

IDG UK Sites

September 2014 creative trends: 5 things you must see

IDG UK Sites

What to expect from Apple in autumn/winter 2014: iPhone 6, iPhone Air, iWatch, iPad 6, new Apple...