eliminates a security vulnerability which could allow a malicious user to disrupt normal operation of an affected machine and potentially of an entire network.
This vulnerability could allow a malicious user to corrupt parts of a Windows system’s local security policy, with the effect of disrupting domain membership and trust relationship information.
If a workstation or member server were attacked via this vulnerability, it would effectively remove the machine from the domain. If a domain controller were attacked, it could no longer process domain logon requests.
Recovering from such an attack would likely require that a known-working configuration be restored from backup.
It would not be necessary to be an authenticated domain member in order to mount an attack via this vulnerability. Any user who could establish an RPC (Remote Procedure Call) connection with an affected machine and send the proper command sequence to it could exploit the vulnerability.
If the malicious users were intranet users, they could likely attack any machine within the network. If they were on the Internet, they could likely attack only machines on the network edge that allow RPC connections.
Please note that customers who have applied Windows Service Pack 1 are already protected against the vulnerability and do not need to take any further action.
Microsoft Windows 2000 Local Security Policy Corruption Vulnerability Patch runs on
Windows 2000
and is available under the
Freeware
license
— the installer is 518 KB.
We’ve catalogued it under
System.
✓
Verified clean. Every Microsoft Windows 2000 Local Security Policy Corruption Vulnerability Patch build on SoftLookup is scanned for viruses, spyware, adware, trojans and backdoors. We re-test on every update.
Help fellow users decide. Share your experience with Microsoft Windows 2000 Local Security Policy Corruption Vulnerability Patch.