Add as a preferred source on Google


News

Microsoft Releases Security Fix for Service Pack 4

In light of a potentially disastrous security error, Microsoft Corp. released a patch for Windows NT Service Pack 4. Microsoft says the logic error could, under certain conditions, allow a user to log on interactively and connect to network shares using a blank password.

The company reports the vulnerability primarily affects Windows NT servers that serve as domain controllers in environments with DOS, Windows 3.1, Windows for Workgroups, OS/2 or Macintosh clients. In general, customers who have deployed only Windows NT, Windows 95 and 98 client workstations are not at risk from the vulnerability.

A fully supported patch is available and Microsoft recommends that users evaluate the risk to their systems and, as appropriate, download and install it on affected computers.

The company explains the Windows NT Security Account Manager (SAM) database stores the hashed password for each user account in two forms: an "NT hash" form that is used to authenticate users on Windows NT clients and an "LM hash" form that is used to authenticate users on Windows 95, Windows 98 and downlevel clients such as DOS, Windows 3.1, Windows for Workgroups, OS/2 and Macintosh.

When a user changes his password via a Windows NT, Windows 95 or Windows 98 client, both the NT hash and the LM hash forms of the password are updated in the SAM. However, when the user changes his password via a downlevel client, only the LM hash form of the password is stored and null value is stored in the NT hash field.

When a user attempts an interactive logon or a network share connection from a Windows NT system, the Windows NT authentication process uses the NT hash form of the password. If the NT hash is null, the LM hash of the password is used for verification.

The logic error in SP4 incorrectly allows a null NT hash value to be used for authentication from Windows NT systems. The result is that is a user account's password was last changed from a DOS, Windows 3.1, Windows for Workgroups, OS/2 or Macintosh client, a user can logon into that account from a Windows NT system using a blank password. -- Brian Ploskina, Assistant Editor

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Dismantles RedVDS Cybercrime Marketplace Linked to $40M in Phishing Fraud

    In a coordinated action spanning the United States and the United Kingdom, Microsoft’s Digital Crimes Unit (DCU) and international law enforcement collaborators have taken down RedVDS, a subscription based cybercrime platform tied to an estimated $40 million in fraud losses in the U.S. since March 2025.

  • Sound Wave Illustration

    CrowdStrike's Acquisition of SGNL Aims to Strengthen Identity Security

    CrowdStrike signs definitive agreement to purchase SGNL, an identity security specialist, in a deal valued at about $740 million.

  • Microsoft Acquires Osmos, Automating Data Engineering inside Fabric

    In a strategic move to reduce time-consuming manual data preparation, Microsoft has acquired Seattle-based startup Osmos, specializing in agentic AI for data engineering.

  • Linux Foundation Unites Major Tech Firms to Launch Agentic AI Foundation

    The Linux Foundation today announced the creation of a new collaborative initiative — the Agentic AI Foundation (AAIF) — bringing together major AI and cloud players such as Microsoft, OpenAI, Anthropic and other major tech companies.

Most   Popular