Server
Contents |
General Information
October 24, 2008: A vulnerability in the Server Service has been discovered for Windows 2000 -> Windows 7 (basically, all versions in the last 9 years). Please see this security bulletin and update your PC accordingly: http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
February 26, 2009: The Server Service issue is still causing quite a stir on the internet. Ensure that you have fully updated your system as to not be infected by “Conficker” or its several variants.
- CA: http://www.ca.com/securityadvisor/virusinfo/virus.aspx?id=75911
- F-Secure: http://www.f-secure.com/v-descs/worm_w32_downadup_al.shtml
- Symantec: http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=1
- Sophos: http://www.sophos.com/security/analyses/viruses-and-spyware/w32conficka.html
In order to fix this issue, you need to patch your system using the latest update fix version: http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
In order to remove the problem, you can use Microsoft’s own removal tool or anything else offered from the company links above: http://www.microsoft.com/security/malwareremove/default.mspx
Regardless of what you do or how you choose to go about it, fix/patch/prevent.
Windows 8
Default Description
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
None at this time.
Default Startup Type
| OS | WDP |
|---|---|
| Windows 8 WDP | Automatic (Started) |
Service Names
Service Name (registry): LanmanServer
Display Name: Server
Default Path and Command Line Options
C:\Windows\system32\svchost.exe -k netsvcs
Log On As
Account: Local System account
Dependencies
Note: No dependencies are listed for any service in the WDP build I used to draft this information.
Windows 7
Default Description
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
None at this time.
Default Startup Type
| OS | SP0 |
|---|---|
| Windows 7 Starter | Automatic (Started) |
| Windows 7 Home Basic | Automatic (Started) |
| Windows 7 Home Premium | Automatic (Started) |
| Windows 7 Professional | Automatic (Started) |
| Windows 7 Ultimate | Automatic (Started) |
| Windows 7 Enterprise | Automatic (Started) |
Service Names
Service Name (registry): LanmanServer
Display Name: Server
Default Path and Command Line Options
C:\Windows\system32\svchost.exe -k netsvcs
Log On As
Account: Local System account
Dependencies
What service Server needs to function properly:
- Security Accounts Manager(S, HB, HP, P, U, E)
- Remote Procedure Call (RPC)(S, HB, HP, P, U, E)
- DCOM Server Process Launcher (S, HB, HP, P, U, E)
- RPC Endpoint Mapper (S, HB, HP, P, U, E)
- Remote Procedure Call (RPC)(S, HB, HP, P, U, E)
- Server SMB 1.xxx Driver (S, HB, HP, P, U, E)
- Server SMB 2.xxx Driver (S, HB, HP, P, U, E)
- srvnet (S, HB, HP, P, U, E)
- Server SMB 2.xxx Driver (S, HB, HP, P, U, E)
What other service require Server to function properly:
- Computer Browser (S, HB, HP, P, U, E)
- HomeGroup Listener (S, HB, HP, P, U, E)
Windows Vista
Default Description
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
None at this time.
Default Startup Type
| OS | SP0 | SP1 | SP2 |
|---|---|---|---|
| Vista Home Basic | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| Vista Home Premium | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| Vista Business | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| Vista Ultimate | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| Vista Enterprise | Automatic (Started) | Automatic (Started) | Automatic (Started) |
Service Names
Service Name (registry): LanmanServer
Display Name: Server
Default Path and Command Line Options
C:\Windows\system32\svchost.exe -k netsvcs
Log On As
Account: Local System Account
Dependencies
What service Server needs to function properly:
- Security Accounts Manager(HB, HP, B, U)
- Remote Procedure Call (RPC)(HB, HP, B, U)
- DCOM Server Process Launcher (HB, HP, B, U)
- Remote Procedure Call (RPC)(HB, HP, B, U)
- srv (HB, HP, B, U)
- srv2 (HB, HP, B, U)
- srvnet (HB, HP, B, U)
- srv2 (HB, HP, B, U)
What other service require Server to function properly:
- Computer Browser (HB, HP, B, U)
Windows XP Pro x64
Default Description
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
Used for file and print sharing from your computer or Message Queuing. For security purposes, you may disable this service if you do not require local printers and files shared across your network. Connectivity, however, still exists even on incoming shared network drives. Workstation needs to be running to connect to another computer that has the files you are looking for.
Note: If you disable File and Print sharing, the Server service may disappear from the services listing. Just enable File and Print sharing again and the Server service will return.
Default Startup Type
| OS | SP0 | SP1 | SP2 |
|---|---|---|---|
| XP Pro x64 | ? | ? | Automatic |
Service Names
Service Name (registry): lanmanserver
Display Name: Server
Default Path and Command Line Options
C:\WINDOWS\System32\svchost.exe -k netsvcs
Log On As
Account: Local System Account
Dependencies
What service Server needs to function properly:
- None
What other service require Server to function properly:
Windows XP
Default Description
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
Used for file and print sharing from your computer or Message Queuing. For security purposes, you may disable this service if you do not require local printers and files shared across your network. Connectivity, however, still exists even on incoming shared network drives. Workstation needs to be running to connect to another computer that has the files you are looking for.
Note: If you disable File and Print sharing, the Server service may disappear from the services listing. Just enable File and Print sharing again and the Server service will return.
Default Startup Type
| OS | SP0 | SP1 | SP2 | SP3 |
|---|---|---|---|---|
| XP Home | Automatic (Started) | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| XP MCE 2005 | Automatic (Started) | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| XP Pro | Automatic (Started) | Automatic (Started) | Automatic (Started) | Automatic (Started) |
| XP Tablet PC 2005 | Automatic (Started) | Automatic (Started) | Automatic (Started) | Automatic (Started) |
Service Names
Service Name (registry): lanmanserver
Display Name: Server
Default Path and Command Line Options
C:\WINDOWS\System32\svchost.exe -k netsvcs
Log On As
Account: Local System Account
Dependencies
What service Server needs to function properly:
- None (H, M, P, T)
What other service require Server to function properly:
- Computer Browser(H, M, P, T)
- Message Queuing(M, P, T)
- Message Queuing Triggers (M, P, T)
- Message Queuing(M, P, T)
Additional Reading
None at this time.