Microsoft Windows And Remote Procedure Call ( Rpc ) Facilities

1558 Words7 Pages
Microsoft Windows was attacked via buffer overflow in August 2003. The attack, known as the Blaster Worm, focused on an already recognized buffer overflow in Windows’ remote procedure call (RPC) facilities. RPC is specific to the Windows operating system. The vulnerability was in Port 135 which handles transmission control protocol (TCP) the language in which a system communicates in. Port 135 did not require authentication about a server it was communicating with. Therefore, the Blaster Worm was able to inundate the port with data, in turn, injecting malicious code into the system. By exploiting this vulnerability in Port 135, the Blaster Worm would install itself on a computer and immediately seek out other susceptible computers. Once infected, the Blaster Worm permitted individuals or an entity to take a myriad of very damaging actions from executing programs to giving others hackers full access to resources and information. Additionally, the Blaster Worm had the ability to instruct a newly discovered susceptible system to download the worm so that the infectious cycle would continue (Hoogstraten, 2003). The antidote to the Blaster Worm virus’ came in the form of a patch issued after it infected an estimated “100,000 Microsoft Windows systems and cost millions in damage” (Bailey, Cooke, Jahanian, Watson, & Nazario, 2005). Unvalidated input is tainted input. Input into a web application can be received from the client/customer, a database, web server, or

More about Microsoft Windows And Remote Procedure Call ( Rpc ) Facilities

Open Document