Windows 2000 users vulnerable to new attack

After an internal team of security experts at Microsoft discovered a security vulnerability in Windows 2000, a patch was developed and released correcting the exploit.

Users of Microsoft Windows 2000 are subject to a "Local Security Policy Corruption" vulnerability that can boot them off their network, or in a worst case scenario, deny network access to all users in a given domain. Microsoft has issued a free patch to protect users from this new attack. Protect your PC and network with the latest security information and updates.

REDMOND, Wa. - After an internal team of security experts at Microsoft discovered a security vulnerability in Windows 2000, a patch was developed and released correcting the exploit.

The "Local Security Policy Corruption" vulnerability is a denial of service vulnerability that could knock a machine out of a network. Sources at Microsoft say all network operations could be disrupted if the attack was successful against a domain controller.

The vulnerability results from a malicious user being able to corrupt the local security policy-information that sets user permissions on a network - of a PC.

As stated by Microsoft in a recent advisory, "Unprivileged users should not be able to cause any changes in the local security policy on a machine. However, the vulnerability provides a way for a normal user to corrupt parts of it, in order to prevent it from participating in normal network operations."

What's at risk
While the malicious user could not usurp any control over a PC on the network, they could alter security information on a machine and prevent it from participating in the network.

This machine would be isolated from the others and would not be able to access network drives, printers or other network devices.

The security vulnerability becomes more severe if a domain controller were attacked. If successful, login requests from other machines on a network would be denied and the users would be denied service to the domain.

To recover from such an attack Microsoft asserts the only way would be from implementing a working configuration from a backup.

Do I need the patch?
According to Microsoft, "This vulnerability should be taken especially seriously. It could allow a user to significantly disrupt network operations, and restoring an affected machine to normal service would be a time-consuming process."

All users of Windows 2000 that have not installed Windows 2000 SP1 are vulnerable to this type of attack.

Users who have applied SP1 for Windows 2000 need not apply this patch and are currently protected from the "Local Security Policy Corruption" vulnerability.

To protect your PC download either: Windows 2000 SP1 or Windows 2000 "Local Security Policy Corruption" Vulnerability Patch.