Windows NT Remote Registry Access Authentication Vulnerability

Microsoft has released a patch that eliminates a security vulnerability in Microsoft Windows NT 4.0. This vulnerability can allow access to the Registry from a remote computer. The remote computer must be authenticated by a remote Registry server before it can be processed. If a request is malformed in a specific fashion, the request is misinterpreted by the remote Registry server, causing it not to work. Because the remote Registry server runs within the Winlogon.exe system process in Windows NT 4.0, a problem in that process causes problems with the entire system. Only an authenticated user can run such a request. An anonymous (or null-session) connection cannot cause this problem. You can place an affected computer back in service by rebooting the computer.A supported fix that corrects this problem is now available from Microsoft, but it has not been fully regression tested and should be applied only to systems experiencing this specific problem. If you are not severely affected by this specific problem, Microsoft recommends that you wait for the next Windows NT 4.0 service pack that contains this fix. To resolve this problem immediately, download this fix.
File Size638.59 kB
Operating System Windows Windows NT