Windows NT NTLMSSP Privilege Elevation Vulnerability Patch

Name: Windows NT NTLMSSP Privilege Elevation Vulnerability Patch
Rating: 1 (1 reviews)
Author: Microsoft

Used Windows NT NTLMSSP Privilege Elevation Vulnerability Patch for Windows? Share your experience and help other users.

Developer’s Description

By Microsoft

Patch a flaw in Windows NT 4.0 that could allow an unprivileged process to run code in the NTLMSSP service.

The NTLM Security Support Provider (NTLMSSP) service in Windows NT 4.0 is responsible for handling NTLM authentication requests, and runs by default on all Windows NT 4.0 systems. A flaw in the service's implementation could allow a service request from an unprivileged process to cause code to run in the context of the NTLMSSP service, which runs with Local System privileges. This could enable attackers to programmatically levy requests that would have the effect of running the codes of their choice with System privileges. Workstations and terminal servers are the machines at greatest risk under most conditions.