Microsoft Windows 2000 Patch: Domain Account Lockout

Name: Microsoft Windows 2000 Patch: Domain Account Lockout
Rating: 4.9 (1 reviews)
Author: Microsoft

Download now

Used Microsoft Windows 2000 Patch: Domain Account Lockout for Windows? Share your experience and help other users.

Developer’s Description

By Microsoft

Windows 2000 Update

This update resolves the "Domain Account Lockout" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-089. Download now to ensure that the Account Lockout Policy helps prevent unauthorized access to the computers in your network.

Under very specific conditions, a malicious user can try repeatedly to guess an account password, even if the domain administrator has set the Account Lockout Policy to disable the account after a specified number of attempts to access it.

A number of factors limit the scope of this vulnerability:

This vulnerability affects only computers running Windows 2000 on a non-Windows 2000 domain. Stand-alone Windows 2000 computers and Windows 2000 computers on a Windows 2000 domain are not vulnerable.

A password-guessing attack is restricted to domain accounts that have cached the logon credentials of an authorized user.

If a malicious user guesses the correct password, he or she can use it only to log on to the local computer. The domain Account Lockout Policy still prevents a domain controller from authenticating an unauthorized user and it prevents a malicious user from accessing other computers in the domain using the guessed password. For more information about this vulnerability, read Microsoft Security Bulletin MS00-089. This update applies to Windows 2000 Professional, Service Pack 1, Windows 2000 without Service Pack 1 is not affected by this vulnerability.