Editors' Note: Microsoft Windows NT 4.0 is not affected by this vulnerability. This patch will also be included in the next Service Pack for Windows 2000, it can be applied to a computer with or without Service Pack 1.
This patch eliminates a security vulnerability in Microsoft Windows 2000. The vulnerability could allow a malicious user to cause a Denial of Service on a Windows 2000 computer. The denial of service can occur when a malicious client sends a particular malformed RPC (Remote Procedure Call) packet to the server, causing the RPC service to fail. Windows 2000 servers that are directly exposed to the Internet are at greatest risk from this vulnerability. A server behind a firewall that blocks ports 135-139 and 445 will not be affected by this vulnerability from the Internet. RPC services and the functioning of the server could be restored after an attack by rebooting the affected computer.