Features
-
License:
Free
-
Editor's Rating:
Not rated
- Average User Rating:
-
Downloads:
10,033
- Operating Systems:
Windows 2000
- Additional Requirements:
Windows 2000 Professional/Server/Advanced Server
- Limitations:
No limitations
- Date Added:
June 29, 2001
Publisher's description of Windows 2000 Network DDE Vulnerability Patch
From Microsoft:Network Dynamic Data Exchange (DDE) is a technology that enables applications on different Windows computers to dynamically share data. This sharing is effected via communications channels called trusted shares, which are managed by a service called the Network DDE Agent. By design, processes on the local machine can levy requests upon the Network DDE Agent, including ones that indicate what application should be run in conjunction with a particular trusted share. However, a vulnerability exists because, in Windows 2000, the Network DDE Agent runs using the Local System security context and processes all requests using this context, rather than that of the user. This would give an attacker an opportunity to cause the Network DDE Agent to run code of her choice in Local System context, as a means of gaining complete control over the local machine.
Microsoft recommends that customers using Windows 2000 workstations or who allow unprivileged users to run code on Windows 2000 servers apply the patch immediately. In addition, customers operating Windows 2000 Web servers should consider applying the patch to those machines as well, as a precautionary measure.
- See more CNET content tagged:
- Microsoft Corp.,
- Microsoft Windows,
- Microsoft Windows 2000,
- context,
- server
More popular Corporate Security Software downloads
- 532 downloads 1. McAfee Total Protection for Small Business
- 368 downloads 2. Activity Monitor
- 314 downloads 3. Wireshark
- 299 downloads 4. Trend Micro OfficeScan Managed Antivirus
- 292 downloads 5. Ping Tester Pro
- See all Corporate Security Software downloads
User reviews
Write your own review Be the first one to review Windows 2000 Network DDE Vulnerability Patch MS01-007 (2/9/01) and share your experience with the CNET community!
Previous versions: See all user reviews
Submit your review
You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.
CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.
