27 March 2003
Microsoft's latest Security Bulletin discloses a hitherto-undetected flaw in Windows NT 4.0, 2000 and XP which affects the Remote Procedure Call Endpoint Mapper, usually accessible via port 135. While the flaw does not allow an attacker to gain access to the machine, it is susceptible to the dreaded Denial of Service attack.
What's interesting about this is that while Microsoft has rushed out patches for 2000 and for XP, there will be no patch for NT 4.0. Redmond explains:
Although Windows NT 4.0 is affected by this vulnerability, Microsoft cannot provide a patch for this vulnerabilty for Windows NT 4.0. The architectural limitations of Windows NT 4.0 do not support the changes that would be required to remove this vulnerability.
Instead, they suggest, you enable your firewall to block port 135. (What? You don't have a firewall? What's wrong with you?)
This is, I think, the first time that Microsoft has actually admitted they couldn't fix something.