Icon of program: Microsoft Windows 2000 Pa…

Microsoft Windows 2000 Patch: Domain Account Lockout

Download now

Used Microsoft Windows 2000 Patch: Domain Account Lockout for Windows?

Editors’ Review

Download.com staff
This security update resolves the 'Domain Account Lockout' vulnerability. It enforces account lockout policies on Windows 2000 systems to prevent unauthorized local access resulting from repeated password-guessing attempts.

  • Pros

    • Resolves the Domain Account Lockout security vulnerability
    • Enforces Account Lockout Policy against repeated password guesses
    • Prevents unauthorized local logon via guessed passwords
    • Addresses vulnerability detailed in Microsoft Security Bulletin MS00-089

  • Cons

    • Requires Windows 2000 Professional with Service Pack 1
    • Only applies to systems on non-Windows 2000 domains
    • Not required for stand-alone or native domain computers
    • Attack is restricted to accounts with cached logon credentials
Icon of program: Microsoft Windows 2000 Pa…

Microsoft Windows 2000 Patch: Domain Account Lockout

Download now

Used Microsoft Windows 2000 Patch: Domain Account Lockout for Windows?

Explore More

Full Specifications

GENERAL
Release
Latest update
Version
Update
OPERATING SYSTEMS
Platform
Windows
Operating System
  • Windows 10
  • Windows 98
  • Windows XP
  • Windows 2000
Additional Requirements
None
POPULARITY
Total Downloads
120
Downloads Last Week
0
Report Software

Program available in other languages

Last Updated

Developer’s Description

By Microsoft
Windows 2000 Update
This update resolves the "Domain Account Lockout" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-089. Download now to ensure that the Account Lockout Policy helps prevent unauthorized access to the computers in your network.

Under very specific conditions, a malicious user can try repeatedly to guess an account password, even if the domain administrator has set the Account Lockout Policy to disable the account after a specified number of attempts to access it.

A number of factors limit the scope of this vulnerability:

  • This vulnerability affects only computers running Windows 2000 on a non-Windows 2000 domain. Stand-alone Windows 2000 computers and Windows 2000 computers on a Windows 2000 domain are not vulnerable.
  • A password-guessing attack is restricted to domain accounts that have cached the logon credentials of an authorized user.
  • If a malicious user guesses the correct password, he or she can use it only to log on to the local computer. The domain Account Lockout Policy still prevents a domain controller from authenticating an unauthorized user and it prevents a malicious user from accessing other computers in the domain using the guessed password. For more information about this vulnerability, read Microsoft Security Bulletin MS00-089. This update applies to Windows 2000 Professional, Service Pack 1, Windows 2000 without Service Pack 1 is not affected by this vulnerability.
    • Download.com
    Your review for Microsoft Windows 2000 Patch: Domain Account Lockout