Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows :: bt1052.txt

DCOM - Another buffer overflow


Yet another buffer overflow error has been found in DCOM and Microsoft
has released a new patch for it today according to a security bulletin
on their Web site.  If I am running a Windows PC at home, why would I
want DCOM turned on in the first place?  What purpose does it serve?
Has Microsoft needless caused security problems for XP home users by
shipping XP with unneeded service turned on by default?

Microsoft does provide a knowledge base article for turning off DCOM

However this article uses technobabble to explain what might not work
with DCOM disabled.  I need the downsides of turning off DCOM to be
explained in English.  For example, if I disable DCOM can I still access
a network printer or file server?

Richard M. Smith


What causes these vulnerabilities?

The vulnerabilities result because the Windows RPCSS service does not
properly check message inputs under certain circumstances. After
establishing a connection, an attacker could send a specially crafted
malformed RPC message to cause the underlying Distributed Component
Object Model (DCOM) activation infrastructure in the RPCSS Service on
the remote system to fail in such a way that arbitrary code could be

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH