Patch Available for "Relative Shell Path" Vulnerability
Originally posted: July 28, 2000
Summary
=======
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Windows NT(r) 4.0 and Windows(r) 2000.
Under certain conditions, the vulnerability could enable a malicious
user to cause code of his choice to run when another user
subsequently logged onto the same machine.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-052.asp
Affected Software Versions
==========================
- Microsoft Windows NT 4.0 Workstation
- Microsoft Windows NT 4.0 Server
- Microsoft Windows NT 4.0 Server, Enterprise Edition
- Microsoft Windows NT 4.0 Server, Terminal Server Edition
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
Patch Availability
==================
- Microsoft Windows NT 4.0 Workstation, Windows NT 4.0 Server,
and Windows NT 4.0 Server, Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23360
- Microsoft Windows NT 4.0 Server, Terminal Server Edition patches
will be available soon.
- Microsoft Windows 2000 Professional, Server, and Advanced Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23359
Originally posted: July 28, 2000
Summary
=======
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft(r) Windows NT(r) 4.0 and Windows(r) 2000.
Under certain conditions, the vulnerability could enable a malicious
user to cause code of his choice to run when another user
subsequently logged onto the same machine.
Frequently asked questions regarding this vulnerability
and the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-052.asp
Affected Software Versions
==========================
- Microsoft Windows NT 4.0 Workstation
- Microsoft Windows NT 4.0 Server
- Microsoft Windows NT 4.0 Server, Enterprise Edition
- Microsoft Windows NT 4.0 Server, Terminal Server Edition
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
Patch Availability
==================
- Microsoft Windows NT 4.0 Workstation, Windows NT 4.0 Server,
and Windows NT 4.0 Server, Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23360
- Microsoft Windows NT 4.0 Server, Terminal Server Edition patches
will be available soon.
- Microsoft Windows 2000 Professional, Server, and Advanced Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23359
