This patch addresses a vulnerability that could allow a malicious user to programmatically access a Windows 9x/ME file share without knowing the entire password assigned to that share.Microsoft Windows 9x/Me provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised by a malicious user who used a special client utility without knowing the entire password required to access that share.Only share level access permissions are vulnerable. If a Windows 9x or Windows Me machine were part of a Windows NT domain, user-level access controls could be enforced on file shares and passwords would not be needed to allow access to those shares. Windows NT and Windows 2000 machines can only be setup with user-level file share access controls and are not susceptible to this vulnerability. Read the "Share Level Password" Vulnerability FAQ.
|File Size||191.15 kB|
|Operating System||Windows Windows Me|