TITLE: Microsoft Windows XPe Fix for Buffer Overrun In RPC Interface

VERSION: 1.00 Rev A
DESCRIPTION:
This contains the Windows XPe fix for the desktop models listed below for the
possible security vulnerability explained in Microsoft Knowledge Base Article 823980.

Microsoft originally released this bulletin and patch on July 16, 2003, to correct a 
security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote 
Procedure Call (RPC) interface. The patch was and still is effective in eliminating the 
security vulnerability. However, the "mitigating factors" and "workarounds" discussions in 
the original security bulletin did not clearly identify all the ports by which the 
vulnerability could potentially be exploited. Microsoft has updated this bulletin to more 
clearly enumerate the ports over which RPC services can be invoked and to make sure that 
customers who choose to implement a workaround before installing the patch have the 
information that they must have to protect their systems. Customers who have already 
installed the patch are protected from attempts to exploit this vulnerability and do not 
have to take further action.

PURPOSE: Recommended Update
SOFTPAQ NUMBER: SP25229
SUPERSEDES: None
EFFECTIVE DATE: August 18, 2003
CATEGORY: OS and OS Enhancements
SSM SUPPORTED: Yes

PRODUCT TYPE(S):
Desktops
 
PRODUCT MODEL(S): 
HP rp5000 point of sale system

OPERATING SYSTEM(S): 
Microsoft Windows XPe Professional
 
LANGUAGE(S): 
US English
 
PREREQUISITES: 
N/A
 
HOW TO USE: 

1. Download the SoftPaq .EXE file to a directory on your hard drive.

2. Execute the downloaded file and follow the on-screen instructions.
 
 
Copyright (c) 2003 Hewlett-Packard Development Company, L.P.