- Quick specs
- Price: Free
- Operating system: Windows NT
- Date added: February 16, 2001
- Total Downloads: 4,953
- Downloads last week: 1
- See full specifications
- Average user rating: Be the first to rate this product!
Publisher's description
From Microsoft :This patch eliminates a security vulnerability in Windows NT 4.0. The vulnerability could allow a malicious user to run a special program to disable an affected computer's network functionality. Like all other objects under Windows NT 4.0, mutexes--synchronization objects that govern access to resources--have permissions associated with them that govern how they can be accessed. However, a particular mutex used to govern access to a networking resource has inappropriately loose permissions. This could enable an attacker who had the ability to run code on a local machine to monopolize the mutex, thereby preventing any other processes from using the resource that it controlled. This would have the effect of preventing the machine from participating in the network.
The attacker would require interactive logon access to the affected machine. This significantly limits the scope of the vulnerability because, if normal security recommendations have been followed, unprivileged users will not be granted interactive logon rights to critical machines such as servers. Unprivileged users typically are granted interactive logon rights to workstations and terminal servers. However, a workstation would not be a tempting target for an attacker, because he could only use this vulnerability to deny service to himself. The machines most likely to be affected would be terminal servers.
More popular Encryption Software downloads
- 37,323 downloads 1. Computer Use Reporter
- 29,522 downloads 2. Hotspot Shield
- 26,293 downloads 3. RoboForm
- 10,828 downloads 4. Easy File Encryption
- 9,368 downloads 5. Easy Private Disk
- See all Encryption Software downloads
User reviews
Write your own review Be the first one to review Windows NT 4.0 "Winsock Mutex" Vulnerability Patch MS01-003 and share your experience with the CNET community!
Submit your review
- See more CNET content tagged:
- Microsoft Windows NT 4.0,
- attacker,
- logon,
- terminal server,
- vulnerability
