Check or Attack Name: RPC DLL version

Prior to installation of the Windows NT 4.0 post-SP2 rpc-fix, an attacker can telnet to port 135 and cause the system to become extremely slow. As a result of this denial of service attack, the RPC locator process will use nearly 100% of the processor.

Apply the latest Windows NT 4.0 Service Pack, or Windows NT 3.51 and 4.0 users can apply the appropriate patch.

To apply the latest Windows NT 4.0 Service Pack, follow these steps:

1. Open a web browser.
2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks/ and follow the directions to download the appropriate service pack for your computer.
3. Find the installation program you downloaded to your computer.
4. Double-click the program icon to start the installation.
5. Follow the installation directions.

Windows NT 4.0 Service Pack 2 (SP2) users must apply the post-SP2 rpc-fix available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP2/rpc-fix.

Windows NT 3.51 Service Pack 5 (SP5) users must apply the post-SP5 rpc-fix available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT351/hotfixes-postSP5/rpc-fix.