Windows NT Security Patches for 1999
12.24.99. The "Improve TCP Initial Sequence Number" patch was originally issued on 10/22/99 and was updated on 12/24/99 with a fix that eliminates a regression error in the earlier patch. The patch itself significantly improves the randomness of the TCP initial sequence numbers (ISNs) generated by the TCP/IP stack in Microsoft Windows NT 4.0. The ISNs used in TCP/IP sessions should be as random as possible in order to prevent attacks such as IP address spoofing and session hijacking. This patch improves the randomness of the WinNT 4.0 TCP/IP ISN generation, providing 15 bits of entropy.
12.17.99. The "Syskey Keystream Reuse" patch fixes a vulnerability in Syskey, a utility that provides additional protection for Windows NT password databases. The vulnerability could allow a particular cryptanalytic attack to be effective against Syskey, significantly reducing the strength of the protection it offers. The patch eliminates the vulnerability and restores strong protection to the password database. This patch also contains the fix for the "Malformed Security Identifier Request" issue; as a result, you do not need to download both patches.
12.17.99. The "Malformed Security Identifier Request" patch fixes a vulnerability that could allow a malicious user to cause a Windows NT machine to stop responding to requests for service. This patch fixes this vulnerability in all versions of Windows NT 4.0.
12.10.99. The "Malformed Resource Enumeration Argument" patch fixes a vulnerability that could cause a Windows NT machine to stop responding to requests for services. When a specific type of malformed argument is supplied to a resource enumeration request, the Windows NT Service Control Manager can fail. This patch applies to all versions of Windows NT 4.0.
11.05.99. The "Malformed Spooler Request" patch fixes a vulnerability that could allow a user to cause the print spooler service to crash, or to run arbitrary code on a Windows NT machine. The patch also eliminates a vulnerability that could allow a user to substitute code of their choosing for a print provider that runs in a privileged state. All versions of Windows NT 4.0 are affected.
9.20.99. The "Spoofed Route Pointer" patch eliminates a vulnerability in Windows 95, 98, 98SE, and Windows NT 4.0 that could allow source routing to be performed, even if it has ostensibly been disabled. The patch also includes added functionality to provide additional control over source routing.
9.6.99. The "Fragmented IGMP Packet" Vulnerability patch eliminates the ability to send fragmented IGMP packets to your computer in order to disrupt the normal operation of the machine, including causing the machine to crash. While this problem mostly affects Windows 95 and Windows 98 systems, it can also affect Windows NT 4.0.
7.1.99. The "Malformed Image Header" Vulnerability patch addresses a denial of service vulnerability only. By running a program that has a specific type of invalid data in the so-called image header, a Windows NT machine could be made to crash. The vulnerability does not destroy any data on the machine, nor does it allow users to gain elevated privileges. Note: This patch was included with NT SP-5, so you only need to download it if you are using Service Pack 4 or earlier.
6.25.99. The "CSRSS Worker Thread Exhaustion" Vulnerability patch addresses a denial of service vulnerability only. The vulnerability does not provide the opportunity to compromise data or obtain any additional privileges on the machine. The machines chiefly at risk are ones that allow users to log on to them interactively and either run programs or install services. The situation that creates the denial of service condition must be initiated on the target machine itself, and cannot be directly caused from a remote machine. Windows NT servers are chiefly at risk, and only if they allow normal users to log on to them interactively. Most Windows NT workstation and Windows NT Terminal Server machines are unlikely to be affected.
6.23.99. The "Malformed LSA Request" Vulnerability Patch eliminates a vulnerability that poses a denial of service threat to Windows NT servers and workstations. Without the patch, a malformed request to the Local Security Authority (LSA) service can cause the service to stop responding, requiring the computer to be restarted. All editions of Windows NT 4.0 are affected.