Hello,
Something really weird just happened here at work. All the computers in the IT department just said svchost32 stopped responding and then showed the message, "this system is shutting down. please save all work in progress and log off. any unsaved changes will be lost. this shutdown was initiated by NT AUTHORITY\SYSTEM." and, "windows must now restart because the remote procedure call (rpc) service terminated unexpectedly." All computers then rebooted once the the little timer got to zero. Any ideas on what just happened? Is there a hack or exploit that someone did to our network? Thanks a lot.
It happened again! My previous error message was a little off. I took a screen shot this time, take a look. Any ideas. If it happens again, I'll see if I can get the Technical Information about the error.
The exact same thing is happening to me, except it's on a home computer. Everytime I restart the message just appears again after a few minutes. What's going on?
Evidently a hacker got bored this morning and started playing around with a new DCOM exploit for Windows 2000 and XP. I found the actual program and step-by-step instructions on how to use the exploit and it looks pretty nasty. One could connect to a vunarable computer's RPC service and have a command promt shell with full user rights where they could execute any command on the remote computer. Crazy! Microsoft has a patch to fix the vunerability: http://microsoft.com/downloads/detai...displaylang=en
Described: http://www.microsoft.com/technet/tre...n/MS03-010.asp
Reply With Quote
