Microsoft Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions for Windows

Name: Microsoft Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions
Rating: 4.9 (1 reviews)
Author: Microsoft

Used Microsoft Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions for Windows? Share your experience and help other users.

Key Details of Microsoft Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions

Security Patch
Last updated on February 29, 2024
There have been 4 updates
Virus scan status:
Clean (it’s extremely likely that this software program is clean)

Download.com has chosen not to provide a direct-download link for this product and offers this page for informational purposes only.

Developer’s Description

By Microsoft

Security Patch

The Microsoft Exchange System Attendant is one of the core services in Microsoft Exchange. It performs a variety of functions related to the on-going maintenance of the Exchange system. To allow remote administration of an Exchange Server using the Exchange System Manager Microsoft Management Console (MMC) snap in, the System Attendant makes changes to the permissions on the Windows Registry to allow Exchange Administrators to remotely update configuration settings stored in the Registry.

There is a flaw in how the System Attendant makes these Registry configuration changes. This flaw could allow an unprivileged user to remotely access configuration information on the server. Specifically, this flaw inappropriately gives the "Everyone" group privileges to the WinReg key. This key controls the ability of users and groups to remotely connect to the Registry. By default, only Administrators are given the ability to remotely connect to the Registry, by granting permissions on this key.

The flaw does not grant any abilities beyond the ability to connect remotely. However, an attackerÃ?????Ã????Ã???Ã??Ã?Â¢??s ability to make changes to the Registry once they have successfully connected would be dictated by the permissions on the specific keys within the Registry itself. Thus, while this vulnerability does not itself give an attacker the ability to change Registry settings, it could be used in conjunction with inappropriately permissive registry settings to gain access to, and make changes to a systems Registry.