• On The Insider: Judge Bans Real Housewives Sex Tape
advertisement
Click Here

Windows 2000 Domain Account Lockout Vulnerability Patch MS00-089

Download Now (3.52MB)
Tested spyware free

Features

  • License:

    Free

  • Editor's Rating:

    Not rated

  • Average User Rating:

    3.0 stars (out of 4 votes) Rate it!

  • Downloads:

    9,702

  • Operating Systems:

    Windows 2000

  • Additional Requirements:

    No additional requirements

  • Limitations:

    No limitations

  • Date Added:

    November 28, 2000

Publisher's description of Windows 2000 Domain Account Lockout Vulnerability Patch

From Microsoft:

This patch eliminates a security vulnerability in Microsoft Windows 2000. The vulnerability could allow a malicious user to use repeated attempts to guess an account password even if the domain administrator had set an account lockout policy.

A flaw in the way that NTLM authentication operates in Windows 2000 could allow a domain account lockout policy to be bypassed on a local Windows 2000 machine, even if the domain administrator had set such a policy. The ability of a malicious user to avoid the domain account lockout policy could increase the threat from a brute force password-guessing attack.

This vulnerability only affects Windows 2000 machines that are members of non-Windows 2000 domains. In addition, the vulnerability only affects domain user accounts that have previously logged into the target machine and already have cached credentials established on that machine. If a domain account lockout policy is in place and an attacker attempts a brute force password-guessing attack, the domain user account will be locked out as expected at the domain controller. However, if the attacker is able find the correct password, the local Windows 2000 machine will log the attacker on using cached credentials in violation of the account lockout policy. Although the attacker would be able to log on to the local machine, he or she would not be able to authenticate to the domain or gain access to resources on other machines in the domain.

CNET Editor's Note: Windows 2000 Gold is not affected by this vulnerability. This patch will be included in Windows 2000 Service Pack 2. Domain Account Lockout vulnerability FAQ.

See more CNET content tagged:
Microsoft Windows 2000,
attacker,
domain,
malicious user,
policy
Complete and easy-to-use internet security software for your PC.

More popular Encryption Software downloads

  1. 58,873 downloads 1. RoboForm
  2. 10,761 downloads 2. SuperEncryptor
  3. 5,756 downloads 3. Folder Lock
  4. 2,546 downloads 4. Eraser
  5. 2,154 downloads 5. RAR Password Cracker
  6. See all Encryption Software downloads
Monitor and analyze your stocks, mutual funds, and indices right from your PC desktop

User reviews

Submit your review

Log in or create an account to submit your review for:

Windows 2000 Domain Account Lockout Vulnerability Patch MS00-089

ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit

You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.

All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.

CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.

advertisement
Click Here