Main > Security & Privacy > Encrypting >

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001

Sponsored Links

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Ranking & Summary

RankingClick at the star to rank
Ranking Level
User Review: 0 (0 times)
Download now
File size: 1.6MB
Platform: Windows 2000
License: Freeware
Price:
Downloads: 15
Date added: 2001-01-12
Publisher: Microsoft. Corp.

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 description

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 has come as a handy tool to deal with a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a Web server.

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows Internet Explorer to view and publish files via Web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed.

Instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's Web site, either by browsing to the site or by opening an HTML mail that initiated a session with it, an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute-force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources.

The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system. However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system.



Download now

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Screenshot

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 View Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Full Screenshot
Advertisements
Download Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Keywords

NTLM Windows 2000 MS01 Microsoft Office 2000 Microsoft Office Windows Me Web Client NTLM Authentication Vulnerability NTLM Authentication Microsoft Web Web client vulnerability patch Office 2000 Malicious user 2000 windows vulnerability

Bookmark Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001

Hyperlink code:
Link for forum:

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Copyright

WareSeeker periodically updates pricing and software information of Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed

Allok Video Splitter 2.2.0 Review:

Name (Required)
Email(Required)
Captcha
Featured Software

Want to place your software product here?
Please contact us for consideration.

Contact WareSeeker.com
Embed software to your page
Related Information
windows 2000 service pack 3 windows 2000 professional microsoft office 2000 premium windows 2000 sp3 microsoft office 2000 updates windows 2000 sp4 what is windows 2000 server windows 2000 server microsoft office 2000 product key windows 2000 startup ntlm authentication failed msconfig windows 2000 microsoft office online microsoft windows 2000 windows 2000 users microsoft office 2000 resume wizard windows messenger microsoft office 2007
More
Related Software

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001

Microsoft Windows ME Security Patch: Web Client NTLM Authentication Vulnerability MS01-001

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding fil Free Download

Microsoft WinNT Remote Registry Access Authentication Vulnerability Patch 6-24-2000

A patch that eliminates a security vulnerability in Microsoft® Windows NT 4.0. Under certain conditions, the vulnerabilitycould be used to cause a Windows NT 4.0 machine to fail. Before a request to Free Download

Microsoft Clip Art Buffer Overrun Vulnerability Patch 1

Microsoft has released a patch that eliminates a security vulnerability in the Microsoft® Clip Art Gallery. The vulnerability could allow a malicious party to cause hostile code to execute on the com Free Download

Microsoft Internet Explorer HTML Help File Code Execution Vulnerability patch 6-8-2000

Microsoft has released a patch that eliminates a security vulnerability in the HTML Help facility that ships with Microsoft® Internet Explorer. Under certain conditions,the vulnerability could allow Free Download

Microsoft IIS 4.0 Chunked Encoding Post Vulnerability patch MS00-018

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Internet Information Server 4.0. The vulnerability could allow a malicious user to consume all resources on a web Free Download

Microsoft Internet Explorer Active Setup Control Vulnerability patch 0

Microsoft has released a patch that eliminates a vulnerability that could allow a malicious user to embed an unsafe executable within an email and disguise it as a safe type of attachment. Through a c Free Download

Microsoft VM File Reading Vulnerability patch 1

Microsoft has released a patch that eliminates a security vulnerability in the Microsoft® virtual machine (Microsoft VM). The vulnerability could enable a malicious web site operatorto read files fro Free Download

Microsoft IP Fragment Reassembly Vulnerability Patch 5-19-2000

A patch that eliminates a security vulnerability in Windows 95/98/NT/2000. The vulnerability could be used to cause an affected machine to temporarily stop performing useful work. The affected systems Free Download
Latest Software
  1. Sticky Password 3.2.0.14
  2. Techinline Remote Desktop 1.1
  3. Solution4VOIP Voipswitch 2.0.0.745
  4. Maverick.NET 1.0.7
  5. HotKeyManager 1.0
  6. Search for ASP.NET 2.1
  7. Web-based Project Management Software 4.1
  8. 123flashchat V 6.0-3
Popular Software
  1. WebFerret 1.3001
  2. 602LAN SUITE 2004.0.06.1017
  3. ChatSpace 1.4
  4. Advanced Log Analyzer 1.4
  5. Empay Private Pay 1.0
  6. Browser Lock Technology Preview 2.05
  7. AvantGo Desktop and Web Client 3.0
  8. Microsoft Office 2000 Service Release 2 (SR-2) (German Edition) 11-28-00
Favourite Software
  1. All2POP 1.01
  2. Tito Web Studio 1.0
  3. Aspose.Excel.Web 1.4
  4. A1Monitor Web Server Monitor 3.7.3
  5. FTP Assistant for Webmasters 3.0
  6. MerLAN 1.0
  7. PlanetDNS Client 2.01
  8. VCX Library 3.0.2005.08