Main > Security & Privacy > Encrypting >

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001

Sponsored Links

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Ranking & Summary

RankingClick at the star to rank
Ranking Level
User Review: 0 (0 times)
Download now
File size: 304.7KB
Platform: Windows Me
License: Freeware
Price:
Downloads: 12
Date added: 2001-01-12
Publisher: Microsoft. Corp.

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 description

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 is regarded as an innovative and versatile patch which eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me.

The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a Web server.

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via Web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed. Instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's Web site, either by browsing to the site or by opening an HTML mail that initiated a session with it, an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute-force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources.

The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system.

However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system.

Frequently asked questions regarding this vulnerability can be found here.

Download now

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Screenshot

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 View Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Full Screenshot
Advertisements
Download Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Keywords

Windows Me NTLM MS01 Windows 2000 WEC Microsoft Office Web Client NTLM Authentication Vulnerability NTLM Authentication Web client Microsoft Web vulnerability patch Office 2000 Malicious user windows vulnerability patch

Bookmark Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001

Hyperlink code:
Link for forum:

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Copyright

WareSeeker periodically updates pricing and software information of Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed

Allok Video Splitter 2.2.0 Review:

Name (Required)
Email(Required)
Captcha
Featured Software

Want to place your software product here?
Please contact us for consideration.

Contact WareSeeker.com
Embed software to your page
Related Information
windows media player 11 windows media player windows messenger windows live messenger windows media player 10 windows message windows media windows media 10 windows media player update windows media 11 windows media player charles hamilton ntlm authentication failed windows messenger live windows mediaplayer windows media center xbox 360 windows media connect windows media player 12 server allows ntlm authentication only
More
Related Software

Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001

Microsoft Windows ME Security Patch: Web Client NTLM Authentication Vulnerability MS01-001

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding fil Free Download

Microsoft WinNT Remote Registry Access Authentication Vulnerability Patch 6-24-2000

A patch that eliminates a security vulnerability in Microsoft® Windows NT 4.0. Under certain conditions, the vulnerabilitycould be used to cause a Windows NT 4.0 machine to fail. Before a request to Free Download

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) MS00-100

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) MS00-100 is a highly-efficient, high-quality patch which eliminates a security vulnerability in a component that ships as part of Microsoft Internet Information Server. Free Download

WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074)

WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074) is a professional and smart patch which eliminates a security vulnerability in Microsoft WebTV for Windows. Free Download

Microsoft Netmon Protocol Parsing Vulnerability Patch (Windows 2000) (MS00-083)

Microsoft Netmon Protocol Parsing Vulnerability Patch (Windows 2000) (MS00-083) is a patch to remove a security vulnerability in Microsoft Windows 2000 server products and Systems Management Server. Free Download

Microsoft XML 3.0 Core Services Vulnerability Patch MS02-008

Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT Free Download

Microsoft Outlook View Control Vulnerability Patch MS01-038

Microsoft Outlook View Control Vulnerability Patch is a beneficial and easy-to-use application which allows you to view Outlook e-mail folders on Web pages in Outlook 2000. Free Download

Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060)

Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060) is a professional and smart patch which eliminates security vulnerabilities in the Microsoft Internet Information Server. Free Download
Latest Software
  1. ForeFront Client Security Definition Updates 1.61.1585.0
  2. Microsoft Exchange Server 5.5 Web Client Patch Update
  3. Microsoft Windows 95 Patch: Microsoft Fax Disables
  4. Microsoft Windows 2000 Patch: UDP
  5. Microsoft Outlook 98 Patch: United Kingdom 020 Are Update
  6. Microsoft Word 97 and 98 Patch: Malformed Conversi Update
  7. Microsoft SQL Server 7.0 "DTS Password" Vulnerabil N/A
  8. Microsoft Windows 2000 Patch: ActiveX Parameter Va
Popular Software
  1. Microsoft Word 2000 RTF Macro Vulnerability Patch
  2. Windows XP RPC Interface Buffer Overrun Security Vulnerability Patch 823980
  3. Web Translator 8.01 Build 6622
  4. Microsoft Excel 2002 for Windows Macro Modification Security Vulnerability Patch MS01-050
  5. Windows Media Player 7 Skins File Download Vulnerability Patch 38041 (2/12/01)
  6. Microsoft Internet Explorer Active Setup Control Vulnerability patch 0
  7. Microsoft SQL Server Malformed TDS Packet Header Vulnerability patch 1
  8. Microsoft IIS Escape Character Parsing Vulnerability patch 1
Favourite Software
  1. Internet Explorer 5.5 Scriptlet Rendering Vulnerability Patch
  2. Windows XP Help and Support Center Vulnerability Patch MS02-060
  3. Visual FoxPro 6.0 Launch Security Vulnerability Patch MS02-049
  4. Microsoft Data Access Components 2.7 Unchecked Buffer Vulnerability Patch MS02-040
  5. Voice Web Studio 2.0
  6. Microsoft IIS4 File Fragment Reading via HTR Vulnerability Patch MS01-004
  7. Internet Explorer 6 VBScript Handling Vulnerability Patch MS02-009
  8. Personal Web Server File Access Vulnerability Patch (FrontPage 98)