Microsoft has published a security bulletin announcing three critical vulnerabilities which could be used by a remote attacker to take control of vulnerable systems, installing programs or changing data stored on a hard drive.
The three security vulnerabilities affect the DCOM (Distributed Component Object Model) interface to a Windows component called the RPCSS service. That service processes messages using the RPC (Remote Procedure Call) protocol.
Affected software includes Windows NT Workstation and Server Edition 4.0, Windows NT Terminal Server Edition 4.0, Windows 2000, Windows XP and Windows Server 2003.
For more details, check out the full Computerworld report here.
The official Microsoft advisory is available at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp