From Microsoft: This patch eliminates a vulnerability in the Windows NT 4.0 Syskey utility. Syskey provides additional cryptographic protection to the passwords stored in the SAM database, but a flaw weakens the protection. This patch restores the protection to its designed strength, and makes password cracking attacks infeasible. The patch also eliminates a denial of service vulnerability associated with the Windows NT LsaLookupSids() function.
read more +