Used Windows 2000 Domain Account Lockout Vulnerability Patch for Windows? Share your experience and help other users.
Developer’s Description
A flaw in the way that NTLM authentication operates in Windows 2000 could allow a domain account lockout policy to be bypassed on a local Windows 2000 machine, even if the domain administrator had set such a policy. The ability of a malicious user to avoid the domain account lockout policy could increase the threat from a brute force password-guessing attack.
This vulnerability only affects Windows 2000 machines that are members of non-Windows 2000 domains. In addition, the vulnerability only affects domain user accounts that have previously logged into the target machine and already have cached credentials established on that machine. If a domain account lockout policy is in place and an attacker attempts a brute force password-guessing attack, the domain user account will be locked out as expected at the domain controller. However, if the attacker is able find the correct password, the local Windows 2000 machine will log the attacker on using cached credentials in violation of the account lockout policy. Although the attacker would be able to log on to the local machine, he or she would not be able to authenticate to the domain or gain access to resources on other machines in the domain.
Used Windows 2000 Domain Account Lockout Vulnerability Patch for Windows? Share your experience and help other users.
Explore More
Service Pack Manager
Trial version
Image Lock PEA
Free
Shredder
FreeCyberGuard
Trial versionTK8 Safe
Trial versionPassword Miner
Free
SecureCrypt Ultimate Edition
Free
imlSoft Whole Disk Encryption
Trial versionFileBarricader 2007
FreePCMesh Hide Files and Folders
Trial versionFileCrypt Desktop Pro
Trial versionSHADeR
Trial version
