DCOM Windows
XP Do You Need It?
Published By Marc Liron - Microsoft MVP
(This article is now retired!)
|
|
|
DCOM Windows XP
Background
With the recent exploits of the
MSBlaster
worm and the new revelation that more flaws have been discovered
(see KB824146),
the DCOM protocol has once again been thrust onto centre stage
again...
|
What is DCOM in Windows
XP?
DCOM is a a very little used technology that has been built into the
Windows operating system so as to allow the various software
components
to inter-operate across any network... (Great for worms and
viruses...)
However, as with many services and protocols in Windows, Microsoft
appears to have enabled it as "always running" - when it's almost
never
needed!
Some Windows applications such as Paintbrush & Media Player are "DCOM
ready".
They have been created that way so anyone else on your network, or
over
the public Internet can access them. But Why...?
DCOM in Windows XP has always been a bad idea! It is a potential
source
for trouble.
The world now has multiple "DCOM worms" using the Internet to find
new victims.
You might be asking is it safe to disable then? Well the short
answer is YES.
The slightly longer answer is that whilst most home users are not
going to
need the DCOM protocol in Windows XP... Some business/corporate
users
might need it. You see some specially written software for
businesses may
be written to actually use the DCOM functionality. The only real way
to
know is ask your IT department or disable the service and see if the
software
stops working as it should!
In reality though, most of you reading this article will be home
users, or
users of a stand alone business PC that is not running any special
software that requires DCOM in Windows XP.
This is the official Microsoft description
of DCOM:
"The Distributed Component Object Model (DCOM) is a protocol that
enables software components to communicate directly over a network
in a reliable, secure, and efficient manner. Previously called
"Network OLE," DCOM is designed for use across multiple network
transports, including Internet protocols such as HTTP. DCOM is based
on the Open Software Foundation's DCE-RPC spec and will work with
both Java applets and ActiveX® components through its use of the
Component Object Model (COM)."
If I Do Not Need DCOM - Why Is It There?
Good question!
And my rather cynical answer is so Microsoft can say they have a
distributed component system built into Windows, rather than put a
competitors system in Windows!
You see DCOM is a new name for the old OLE.
OLE (Object Linking and Embedding) was a bad idea that Microsoft
tried to make happen... Now they call it DCOM...
Virtually no-one needs it, wants it or uses it! Shocked? You should
be...
What's worse is that Microsoft have DCOM set to run on EVERY Windows
XP machine by default!!! (Its just sitting there waiting for the
next worm to exploit it.)
After the recent MSBlaster worm that hit so many users, Microsoft
issued a patch to try and secure DCOM. However, what would have been
a really neat idea, was to have the patch do its security thing AND
THEN "disable" DCOM.
Then only those that truly need it (0.01%) of us could manually
enable it if required.... It is a real shame they did NOT do this.
So How Do You Disable DCOM in Windows XP..?
The good news is that YOU can disable DCOM support...
Step One
Read my article on the latest security flaws in DCOM and apply BOTH
of Microsoft's security patches for DCOM. You must do this prior to
the next steps.... Get the article: KB824146
Step Two
Click Start menu, and then click the Run icon.
In the small box that Opens, type: regedit then click the OK button.
The Registry Editor will now have opened...
You must now navigate to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
You will see there is a String Value called:
EnableDCOM
Set the value to: N (it should currently be Y)
Close the Registry Editor.
Shutdown and Restart your computer.
Step Three
Click Start menu, and then click the Run icon.
In the small box that Opens, type: Dcomcnfg.exe then click the OK
button.
Now the Component Services window should open.
In the left hand pane "Expand" Component Services.
Right-click Computer and select Properties.
(For a remote computer, right-click Computer, press New, press
Computer, type the ComputerName, right-click the ComputerName and
press Properties.)
Select the Default Properties tab.
Clear the Enable Distributed COM on this Computer box.
Click the Apply button to disable DCOM.
Click the OK button and exit the Component Services window.
Shutdown and Restart your computer.
Wider DCOM issues....
It is worth mentioning that DCOM communicates via Port 135...
It is important that you secure this PORT! Please make sure you are
using a Firewall on your computer, or that you are behind a firewall
device on your network.
If you are using a router with NAT (Network Address Translation)
then Port 135 on your PC, should be "invisible" to the outside
world....
The How To Play Your DVD's
In Windows Media Player!
The DVD XPack instantly adds DVD playback to
Windows Media Player 9, 10 and 11. It Installs the
same theatre-quality video and audio decoders
proven by over 45 million users of WinDVD -
the world's leading software DVD player!
Why Use It? BECAUSE:
It's FAST, low-cost, easy to use AND Microsoft approved!
The
InterVideo DVD XPack
 Plugin
(The
above link not working?
Click Here )
NOW works with
Windows Vista too!
|
|
|
If you have found
this article on
Windows
Update Error: 0x80070057
useful, then why not sign up for my
FREE Windows XP
Newsletter service?
Enjoy the rest of
site and remember if you have a query about this site or a comment
to make then drop me a line at the
Contact Page
|
Kind Regards
Marc Liron -
Bio
Microsoft MVP
Your Guide to using Windows XP
A Unique Windows XP Newsletter?
Sign Up Now!
- Make sure you get your
FREE tips and advice...
Other Websites By Marc Liron - Microsoft MVP
News and Articles on Windows Vista:
www.instantvista.com
My Techie Blog:
www.marclironblog.com
My Windows Technology Newsletter
www.marctalkstech.com
|
