Features
-
License:
Free
-
Editor's Rating:
Not rated
- Average User Rating:
-
Downloads:
9,702
- Operating Systems:
Windows 2000
- Additional Requirements:
No additional requirements
- Limitations:
No limitations
- Date Added:
November 28, 2000
Publisher's description of Windows 2000 Domain Account Lockout Vulnerability Patch
From Microsoft:This patch eliminates a security vulnerability in Microsoft Windows 2000. The vulnerability could allow a malicious user to use repeated attempts to guess an account password even if the domain administrator had set an account lockout policy.
A flaw in the way that NTLM authentication operates in Windows 2000 could allow a domain account lockout policy to be bypassed on a local Windows 2000 machine, even if the domain administrator had set such a policy. The ability of a malicious user to avoid the domain account lockout policy could increase the threat from a brute force password-guessing attack.
This vulnerability only affects Windows 2000 machines that are members of non-Windows 2000 domains. In addition, the vulnerability only affects domain user accounts that have previously logged into the target machine and already have cached credentials established on that machine. If a domain account lockout policy is in place and an attacker attempts a brute force password-guessing attack, the domain user account will be locked out as expected at the domain controller. However, if the attacker is able find the correct password, the local Windows 2000 machine will log the attacker on using cached credentials in violation of the account lockout policy. Although the attacker would be able to log on to the local machine, he or she would not be able to authenticate to the domain or gain access to resources on other machines in the domain.
CNET Editor's Note: Windows 2000 Gold is not affected by this vulnerability. This patch will be included in Windows 2000 Service Pack 2. Domain Account Lockout vulnerability FAQ.
- See more CNET content tagged:
- Microsoft Windows 2000,
- attacker,
- domain,
- malicious user,
- policy
More popular Encryption Software downloads
- 58,873 downloads 1. RoboForm
- 10,761 downloads 2. SuperEncryptor
- 5,756 downloads 3. Folder Lock
- 2,546 downloads 4. Eraser
- 2,154 downloads 5. RAR Password Cracker
- See all Encryption Software downloads
User reviews
- Average user rating: 0 stars Not yet available
- My rating: 0 stars Write review
-
Showing 1 of 1 user reviewSee 1 user review
This software version | All versions -
Version: Windows 2000 Domain Account Lockout Vulnerability Patch MS00-089
Summary: Well I was happy there was a patch. But became nearly crazy because it did not work. The patch sucks.
- See 1 user review Write review
Submit your review
You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.
CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.
