Version: 2008
  • On The Insider: Britney's Bikini-Clad Top 10
advertisement
Click Here

Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch

  • Quick specs
  • Price: Free
  • Operating system: Windows 2000
  • Date added: August 11, 2000
  • Total Downloads: 48,997
  • Downloads last week: 2
  • See full specifications
Add to my list Add to my Watch List
Download Now (553.51K)
Tested spyware free

Publisher's description

From Microsoft :

The Service Control Manager (services.exe) is an administrative tool provided in Windows 2000 that allows system services (Server, Workstation, Alerter, ClipBook, etc.) to be created or modified. The SCM creates a named pipe for each service as it starts, however, should a malicious program predict and create the named pipe for a specific service before the service starts, the program could impersonate the privileges of the service. This could allow the malicious program to run in the context of the given service, with either specific user or LocalSystem privileges.

The primary risk from this vulnerability is that a malicious user could exploit this vulnerability to gain additional privileges on the local machine. A malicious user would require the ability to log onto the target machine interactively and run arbitrary programs in order to exploit this vulnerability, and as a result, workstations and terminal servers would be at greatest risk.

Affected Software Versions

  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server

Microsoft has released a patch that eliminates this security vulnerability.

Blackbery Apps
Get the blackberry apps you need.
Download Now

More popular Encryption Software downloads

  1. 52,623 downloads 1. RoboForm
  2. 27,875 downloads 2. Hotspot Shield
  3. 26,862 downloads 3. Computer Use Reporter
  4. 8,814 downloads 4. Easy File Encryption
  5. 8,095 downloads 5. Easy Private Disk
  6. See all Encryption Software downloads
Sonic PDF Creator
Convert any Windows file to a secure PDF document.
Download Now

User reviews

Submit your review

Log in or create an account to submit your review for:

Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch

ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit
See more CNET content tagged:
Microsoft Windows 2000,
malicious program,
malicious user,
privilege,
vulnerability

advertisement
download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET