'sec-fix' for NT 3.51

Aleph One (aleph1@DFW.NET)
Thu, 26 Jun 1997 09:54:57 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jes Sorensen: "Re: Solaris Ping bug (DoS)"
Previous message: Gnuchev Fedor: "Re: Solaris Ping bug (DoS)"

---------- Forwarded message ----------
Date: Wed, 25 Jun 1997 23:02:34 +0100
From: Alan C. Ramsbottom <acr@ALS.CO.UK>
To: NTBUGTRAQ@RC.ON.CA
Subject: 'sec-fix' for NT 3.51

Perhaps everyone has already upgraded all their machines, but an NT
3.51 version of the 'sec-fix' seems to have quietly arrived on the
MS ftp server a couple of weeks ago. It can be found at:

ftp.microsoft.com

..in the (very long) directory:

/bussys/winnt/winnt-public/fixes/usa/NT351/hotfixes-postSP5/sec-fix

The 3.51 version of the fix addresses two security 'exploits' that
are described in the KB articles:

Q143474 - Anonymous logon user (Red Button).
Q161372 - SMB signing to prevent "Man in the middle" attacks.

Unlike the NT 4 version (now part of SP3), this *doesn't* include
the System Key fix that allows you to enable strong encryption of
the SAM database (Q143475).

Regards,

--Alan--
acr@als.co.uk

Next message: Jes Sorensen: "Re: Solaris Ping bug (DoS)"
Previous message: Gnuchev Fedor: "Re: Solaris Ping bug (DoS)"