Windows NT Security Patches Windows NT Security Patches for 2000
Windows NT Security Patches for 2000
12.07.00. The "Registry Permissions" patch includes a tool that corrects the permissions on several registry values in Windows NT 4.0. The default permissions could allow a malicious user to gain additional privileges on an affected machine.
12.05.00. The "Phone Book Service Buffer Overflow" patch eliminates a vulnerability in the Phone Book Service component of Windows 2000 and Windows NT 4 that could allow a malicious user to execute hostile code on a remote server that is running the service.
12.01.00. The "Incomplete TCP/IP Packet" patch eliminates a vulnerability in Windows NT 4.0, 9x, and ME that could allow a malicious user to temporarily prevent an affected machine from providing any networking services or cause it to stop responding entirely.
11.10.00. The "Terminal Server Login Buffer Overflow" patch eliminates a security vulnerability in the Windows NT 4.0 Terminal Server that could allow a malicious user to execute code of his choice on the Terminal Server due to a buffer overflow.
11.02.00. The "Netmon Protocol Parsing" patch eliminates a security vulnerability in Windows NT and Windows 2000 server products and Systems Management Server that could allow a malicious user to gain control of an affected server.
10.05.00. The Multiple LPC and LPC Ports Vulnerabilities patch eliminates several security vulnerabilities in Windows NT 4.0 and Windows 2000 which could allow a range of effects, from denial of service attacks to, in some cases, privilege elevation. The following vulnerabilities are addressed by this patch: "Invalid LPC Request" (only affects NT 4.0), "LPC Memory Exhaustion", "Predictable LPC Message Identifier", and a new variant of the previously reported "Spoofed LPC Port Request" vulnerability.
07.27.00. The "NetBIOS Name Server Protocol Spoofing" patch eliminates a security vulnerability in a protocol implemented in Microsoft Windows systems that could be used to cause a machine to refuse to respond to requests for service. All editions of Windows NT 4.0 and Windows 2000 are affected by this vulnerability.
06.08.00. The "Remote Registry Access Authentication" patch eliminates a security vulnerability in Windows NT 4.0 that could, under certain conditions, be used to cause a Windows NT 4.0 machine to fail.
05.30.00. The "ResetBrowser Frame" patch eliminates a security vulnerability in both Windows 2000 and Windows NT 4.0. The vulnerability could allow a malicious user to shut down browsers on that user's network as a denial of service attack against the browser service, or, in the worst case, to shut down all browsers and declare his machine the new Master Browser.
05.30.00. The "HostAnnouncement Flooding" patch eliminates a security vulnerability in Windows NT 4.0 that could allow a malicious user to send a huge number of bogus HostAnnouncement frames to a Master Browser. The resulting replication traffic could consume most or all of the network bandwidth and cause other problems as well.
05.20.00. The "IP Fragment Reassembly" patch eliminates a security vulnerability in all editions of Windows 95, Windows 98, Windows 2000, and Windows NT 4.0. The vulnerability could be used to cause the CPU of an affected machine to devote all of its processing power to reassembling a fragmented stream of data packets, thereby temporarily preventing the computer from performing other tasks.
04.21.00. The "Malformed Environment Variable" patch eliminates a security vulnerability in Windows NT 4.0 and Windows 2000 that could allow a malicious user to make some or all of the memory on an affected server unavailable, potentially slowing or stopping an affected server's response time (i.e. could be used to mount denial of service attacks.)
04.13.00. The "OffloadModExpo Registry Permissions" patch installs tighter permissions on a specific Windows NT 4.0 registry key. The default permissions could allow a malicious user to compromise the cryptographic keys of other users who subsequently log onto the same machine. Windows 2000 is not affected by this vulnerability, but all versions of Windows NT 4.0 are.
03.31.00. The "Malformed TCP/IP Print Request" patch eliminates a security vulnerability in the TCP/IP Printing Services for Windows NT 4.0 and Windows 2000. If this service is installed, the vulnerability could allow a malicious user to disrupt printing services.
03.10.00. The "Registry Permissions" patch installs tighter permissions on three sets of registry values. The default permissions could allow a malicious user to gain additional privileges on a machine that they are able to interactively log onto. All versions of Windows NT 4.0 are affected by this vulnerability (Windows 2000 is not affected).
02.02.00. The "Recycle Bin Creation" patch eliminates a security vulnerability in NT 4.0 that could, under a very daunting set of conditions, allow a malicious user to create, delete, or modify files in the Recycle Bin of another user sharing the same machine.
01.22.00. The "RDISK Registry Enumeration File" patch eliminates a security vulnerability in an administrative utility that ships with Microsoft Windows NT 4.0, Terminal Server Edition. The utility creates a temporary file during execution that can contain security-sensitive information, but does not appropriately restrict access to it. As a result, a malicious user on the terminal server could read the file as it was being created.
01.13.00. The "Spoofed LPC Port Request" patch eliminates a security vulnerability in Windows NT 4.0 that could allow a user logged onto a Windows NT 4.0 machine from the keyboard to become an administrator on the machine. All editions of NT 4.0 are affected.
