BleepingComputer.com: Tenable NeWT Security Reports

The following is a part of aTenable NeWT Security Report. After that is my question:

"epmap (135/tcp)


The remote host is running a version of Windows which has a flaw in
its RPC interface which may allow an attacker to execute arbitrary code
and gain SYSTEM privileges. There is at least one Worm which is
currently exploiting this vulnerability. Namely, the MsBlaster worm.


Solution: see http://www.microsoft.com/technet/security/...n/MS03-026.mspx

Risk factor : High
CVE : CAN-2003-0352
BID : 8205
Other references : IAVA:2003-A-0011", end report.


I run a clean machine. I don't ever get virus' and the like anymore haven learned the hard way why you don't want them. I run all the safety tools to guarantee this. So I don't get why I'm getting this reading on this security tool? I don't have the MsBlaster worm or anything else, yet I get this reading every time I run Tenable NeWT Security Reports . I follow the link for the Solution to check on the security update and I either get that another security update has taken care of it or most recently I've gotten an error in downloading the update. The error being: "Extraction Failed, xpsp1hfm.exe is not a valid Win 32 application." And then it stops the download.

So why does this happen? What is the "RPC interface", how would I know of a flaw in it and how would I correct the flaw? Thank you.

Sincerely,

Johnz414

Do you have all the latest windows updates? If so you should be ok. Also install a software firewall and that port wont be visible to the outside and you will be fine

Hi Gringler,

Thanks for the response. I do have all the latest MS Updates and always make sure I have a firewall running. I figured that I didn't have to much to worry about but just want to make sure sense that report always gives the same warning. Thanks.

John

This post has been edited by Johnz414: 16 June 2005 - 12:14 PM