Hi ,
We have a security vulnerability "The following DCE-RPC / MS-RPC services are active on the remote host." caused by RPCSS.exe service.
Can anyone help me understand the impact if this Service is stopped on all servers. Currently this is running on all Servers (AF Server, Data Archive Server, Interface Node and SQL Server)?
Thanks and Regards,
GGP.
Hello Anitha,
With regards with what RPC is, it is a Microsoft Remote Procedure Call which is used for creating distributed client/server programs that allows client and server software to communicate. Please reference the following Microsoft Document.
The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activation requests, object exporter resolutions and distributed garbage collection for COM and DCOM servers. If this service is stopped or disabled, programs using COM or DCOM will not function properly. This service is vital for operation of multiple aspects of the PI System and other computer functions and is strongly recommended to leave it running. This service usually cannot be disabled via the services MMC or a registry path.
Specifically within the PI system this service is essential for Base, Archive and Snapshot subsystems along with any other software that uses COM or DCOM communications and whenever client-server communication is required.