The Training Book, the handbook for trainers


 
ITrain - International Association of Information Technology Trainers Windows NT 4.0 Security Hole
Fix available from Microsoft
Sidebar image map WinNT Security Hole
by Dave Murphy
ISSN 1535-3613

Dave Murphy, DGL President & ITrain founder A hole in Windows NT 4.0's security was announced emerged this week. Because of this hole, network administrators to lose remote control of their NT-based server. The bug can cause an NT-based network server to lock out all remote instructions, which can effectively freeze the machine.

If a user opens a connection, transmits a string that isn't understood as a command, and then disconnects, CPU utilization rises to 100 percent as the server tries to interpret the data.

Administrators using the Microsoft fix still need to be careful: If the NT Service Pack is reinstalled after the fix has been applied -- the pack warns that this should be done if the configuration is changed -- the amended rpcltscm.dll file is overwritten by the original flawed version, causing the bug to re-emerge.

The patch can be found at ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postSP2/RPC-fix.

Subscribe to ITINFO.
Receive computing and Internet news & tips
by subscribing to the ITINFO information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at dgl.com/dglinfo.

updated February 2, 1997
http://dgl.com/dglinfo/1997/dg970202.html

Damar GroupReturn to DGL homepage
Copyright © 1997, Damar Group, Ltd., All Rights Reserved