Publisher's Description
From Microsoft:
The Service Control Manager (services.exe) is an administrative tool provided in Windows 2000 that allows system services (Server, Workstation, Alerter, ClipBook, etc.) to be created or modified. The SCM creates a named pipe for each service as it starts, however, should a malicious program predict and create the named pipe for a specific service before the service starts, the program could impersonate the privileges of the service. This could allow the malicious program to run in the context of the given service, with either specific user or LocalSystem privileges.
The primary risk from this vulnerability is that a malicious user could exploit this vulnerability to gain additional privileges on the local machine. A malicious user would require the ability to log onto the target machine interactively and run arbitrary programs in order to exploit this vulnerability, and as a result, workstations and terminal servers would be at greatest risk.
Affected Software Versions
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
Microsoft has released a patch that eliminates this security vulnerability.
More Products to Consider
-
Protect your PC against the latest viruses and spyware.DownloadInstalled
Smart Install -
Protect your computer from viruses and malicious programs.DownloadInstalled
Smart Install -
Detect and quickly remove malicious threats to your computer.DownloadInstalled
Smart Install -
Scan and remove the deepest malware that your antivirus/antispy...DownloadInstalled
Smart Install -
Provide secure, anonymous, and private browsing on Wi-Fi hotspo...DownloadInstalled
Smart Install -
Search your hard disk and Registry for threats to your security...DownloadInstalled
Smart Install -
Login everywhere automatically, so you'll never need to remembe...DownloadInstalled
Smart Install -
Modify locked Microsoft PowerPoint 2007/2010/2013 presentations...DownloadInstalled
Smart Install -
Store your credentials securely via sophisticated encryption.DownloadInstalled
Smart Install -
Detect and eliminate viruses, get free protection for home user...DownloadInstalled
Smart Install -
Secure desktops and lock computers on the network.DownloadInstalled
Smart Install -
Protect PC from viruses, Trojans, worms, buffer overflows, zero...DownloadInstalled
Smart Install -
Protect yourself from infected sites.DownloadInstalled
Smart Install -
Guard your Windows PC from malware and Internet based attacks.DownloadInstalled
Smart Install -
Mask your E-mail address, phone number, or credit card in Firef...DownloadInstalled
Smart Install -
Patch a security vulnerability in an optional service that ship...DownloadInstalled
Smart Install - Protect yourself from infected sites.Download
Installed
Smart Install -
Download and exchange files safely, enjoy games and Web surfing...DownloadInstalled
Smart Install - Prevent malicious users from disrupting the operation of your s...Download
Installed
Smart Install -
Monitor, filter, and control all computer activities of your ch...DownloadInstalled
Smart Install -
Change proxy settings right from a Windows 7 desktop widget.DownloadInstalled
Smart Install -
Secure your connection to public Wi-Fi networks with premium VP...DownloadInstalled
Smart Install -
Protect folders, hide files, lock applications, and restrict ac...DownloadInstalled
Smart Install - Patch: Prevents a User Datagram Protocol (UDP) program from not...Download
This download is served from an external site
closeNOTICE: This link will open a connection to a third-party site. CNET cannot ensure the security of software that is hosted on external sites.
Sponsored ProductsInstalled
Smart Install
-
All versions:
3.5 starsout of 13 votes
-
Current version:
3.5 starsout of 13 votes
-
My rating:
Write review
Results 1-2 of 2
-
"Very Nice"
Version: Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch
-
"You would have to be nuts not to use this!"
Version: Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch
Results 1-2 of 2
