"Users are reporting problems with two of Microsoft's recent security hotfixes, which patch problems with Remote Procedure Call (RPC) and Windows file management functions. Research groups have released demonstration code on the Internet, which increases the risk that someone might launch a wide-scale attack, possibly using worm technology. However, users who block access to port 135 or disable DCOM using dcomcnfg.exe are better protected against attacks. Installing the patch without protecting port 135 or disabling DCOM might not be enough. "
http://www.wininformant.com/Articles/Index.cfm?ArticleID=39709

securiteam.com

Initial reports from mailing lists suggest that, while the exploit code may run, it is still easily detectable. Once exploitation is complete RPC/DCOM functions fail completely, affecting functions like drag and drop or using the clipboard. This makes any attempt at hacking highly visible. "It's certainly a danger in terms of worm development," said Graham Titterington, senior analyst at Ovum. "This is a fundamental flaw in the architecture and many people won't get round to patching it; that's just the way the world works."

vnunet.com

|VIRUS SPAM|HUMAN ENGINEERING|08/04/2003|

"A dangerous strain of 'virus spam' is tricking computer users into allowing serious infections into home and business computer systems, IT experts have warned... "If you open up a link in a spam email, it may be days or weeks before you know you have a virus. You are not going to get flashing lights telling you what you have done."... Popular versions of v-spam are thought to be emails offering the chance to unsubscribe to bogus e-newsletters by clicking on a link; messages with links to 'unbeatable offers'; and emails tempting users to download festive greetings cards. "

pcw.co.uk

|WINDOWS|NETWORK|08/04/2003|

"For example, if you're running a Microsoft Windows network, you can use a command like 'net use' which allows you to connect to a fileshare on another machine," said Ducklin. By entering an IP number into the command you can attempt to connect to any machine on the Internet, and if the filesharing feature is turned on and no ports are blocked you have complete access to the machine. "That's what many of today's viruses do."

zdnet.com.au

|VULNERABILITY|ELECTION SOFTWARE|7/26/2003|

"Three computer researchers from the Information Security Institute at Johns Hopkins University, with help from a computer scientist at Rice University, say they've uncovered vulnerabilities in the software purportedly used by Diebold Election Systems. As a result, one person can cast multiple votes, elections can be delayed, the anonymity of voters can be breached, and cast votes can be modified or even deleted, the researchers say."

informationweek.com