Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DCOM Exploit


  • Please log in to reply

#1
ProEd

ProEd

    Member

  • Member
  • PipPip
  • 98 posts
I'm using a temporary laptop while mine (my companies) is in the shop for repairs. This temporary Dell Inspiron 5160 is loaded with Avast! AV software V. 4.7 (virus definitions are current). As I've been surfing thru the G2G forums, and other websites, I encounter an Avast pop-up periodically (sometimes w/in minutes) notifying me that Avast has blocked a "DCOM exploit ....". What is this and what does it mean?

My regular company laptop is loaded w/ NAV 2006, SpyWare Guard, SpyWare Blaster, AdAware & SpyBot (the latter 2 of which I run manually twice a week). I update all of these no less than weekly, along with Windows updates. None of the foregoing protection software have mentioned such an "exploit".

Any info./thoughts would be appreciated. Is Avast pulling my leg? Is everyone else missing it?
  • 0

Advertisements


#2
pip22

pip22

    Trusted Tech

  • Banned
  • PipPipPipPipPip
  • 2,663 posts
The warning from avast is not a "leg-pull". The DCOM exploit is a real vulnerability in Windows but it (the vulnerability) can be removed by disabling DCOM which, for almost all Windows users, is not required. Your regular work laptop has evidently already had DCOM disabled, your temporary laptop hasn't.

Microsoft "patched" the DCOM vulnerability in Windows XP with the release of SP2, but the patch leaves DCOM running. It's much more secure to disable DCOM itself, and this little utility will allow you to do just that: http://www.grc.com/freeware/dcom.htm

Edited by pip22, 25 June 2007 - 04:49 AM.

  • 0

#3
ProEd

ProEd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
pip22.... Much thanks for your reply. I will follow up on your recommendation.

In any case, my temporary laptop is running XP SP2 and I updated it w/ MS critical updates just prior to posting my question. Thanks for your support. I wonder why MS did not attend to this in their updates.

By the by.... I have also recently received "LSASS exploit" notices from Avast. Similar issue?
  • 0

#4
starjax

starjax

    Global Moderator

  • Global Moderator
  • 6,591 posts
because there are applications and circumstances that require dcom. For example, you are using a corporate laptop. If your company uses SMS for software management and distribution, DCOM is required.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP