Microsoft Security Bulletin MS00-024 announces the availability of a tool that eliminates a vulnerability posed by inappropriate permissions on a registry key in Microsoft Windows NT 4.0. The default permissions on this key could allow a malicious user to compromise other users' cryptographic keys.
What's the scope of the vulnerability?
This vulnerability could allow a malicious user to install modified cryptographic software on a machine that he could log onto interactively. The modified software potentially could compromise the cryptographic keys of users who subsequently used the same machine.
The machines primarily affected by this vulnerability would be workstations and terminal servers. If standard security recommendations are followed, security-critical servers such as web servers, domain controllers, database servers and others would not allow normal users to log onto them interactively. Windows NT auditing could be used to determine that the user had made the changes to the registry.