Re: DCOM not disabled on Win2k SP0,1,2 - or maybe it is?
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: Tue, 12 Aug 2003 16:49:21 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
According to Aaron Sprague, any Windows 2000 system running SP2 or lower can have DCOM disabled (via the methods previously described) *if* MS01-041 (Q298012) is installed. This patch was also included in the Windows 2000 SRP1.
This patch was included in SP3.
Any of you out there with systems at SP2 or lower, please confirm if you can. According to Aaron, the eEye tool recognizes a system with DCOM disabled and MS01-041 applied as not being vulnerable.
I tried to call eEye about this to get them to verify before publishing this, but they were getting necessary nourishment.
Russ - NTBugtraq Editor
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to