Menu
Vulnerability in Windows NT 4 - Patch online

Vulnerability in Windows NT 4 - Patch online

A security hole in Windows NT 4 enables users who only have local rights on a system to obtain administrator rights on individual workstations. The problem lies in the NTLM Security Support Provider (NTLMSSP). With a valid account, users can outsmart the system.

If they run a special code that establishes communication with the NTLMSSP, any programs can be started on the workstation. Shortly after this vulnerability became known, Microsoft published a patch. Although this error only affects the server and workstation versions of Windows NT 4, Microsoft recommends applying the patch to the Enterprise and Terminal Server editions as well.

Comments