Icon of program: Windows 2000 Malformed Ev…

Windows 2000 Malformed Event Record Vulnerability Patch

Download now

Used Windows 2000 Malformed Event Record Vulnerability Patch for Windows?

Editors’ Review

Download.com staff
This patch from Microsoft resolves a critical vulnerability in Windows 2000's Event Viewer. It prevents potential code execution through specially crafted event records.

  • Pros

    • Fixes a critical security vulnerability
    • Prevents remote code execution
    • Protects user security context
    • Addresses buffer overrun issue
    • Enhances system stability

  • Cons

    • Applies only to Windows 2000
    • Requires user interaction to exploit
    • Does not address other potential vulnerabilities
Icon of program: Windows 2000 Malformed Ev…

Windows 2000 Malformed Event Record Vulnerability Patch

Download now

Used Windows 2000 Malformed Event Record Vulnerability Patch for Windows?

Explore More

Full Specifications

GENERAL
Release
Latest update
Version
ms01-013-2-26-01
OPERATING SYSTEMS
Platform
Windows
Operating System
  • Windows 10
  • Windows 2000
Additional Requirements
Windows 2000 Professional, Server, or Advanced Server
POPULARITY
Total Downloads
35,725
Downloads Last Week
13
Report Software

Program available in other languages

Last Updated

Developer’s Description

By Microsoft
Fix a vulnerability in Windows 2000 that could allow a malicious user to run code on an affected machine.
The Windows 2000 Event Viewer snap-in has an unchecked buffer in a section of the code that displays the detailed view of event records. If the event viewer attempted to display an event record that contained specially malformed data in one of the fields, either of two outcomes would result. In the less serious case, the event viewer would fail. In the more serious case, code of the attacker's choice could be made to run via a buffer overrun.

By design, unprivileged processes can log events in the System and Application logs, and interactively logged-on, unprivileged users can view them. However, only privileged processes can log events in the Security log, and only interactively logged-on administrators can view them. If the vulnerability were exploited to run code of the attacker's choice, the code would run in the security context of the user who viewed the affected record.

Download.com
Your review for Windows 2000 Malformed Event Record Vulnerability Patch