Microsoft Security Bulletin MS00-032 announces the availability of a patch that eliminates a vulnerability in Microsoft Windows 2000.
What´s the scope of the vulnerability?
This vulnerability could make it easier for a malicious user to compromise sensitive data belonging to a Windows 2000 user. By design, Windows 2000 should encrypt this data using the strongest cryptography available on the machine, but, because of the vulnerability, it´s actually protected with weaker cryptography.
Before a malicious user could attempt to exploit this vulnerability, he would need to have already gained complete control over the user´s machine in order to obtain the data. Even if he had done so, this vulnerability would only make it possible not trivial to compromise the information.
Read more
What´s the scope of the vulnerability?
This vulnerability could make it easier for a malicious user to compromise sensitive data belonging to a Windows 2000 user. By design, Windows 2000 should encrypt this data using the strongest cryptography available on the machine, but, because of the vulnerability, it´s actually protected with weaker cryptography.
Before a malicious user could attempt to exploit this vulnerability, he would need to have already gained complete control over the user´s machine in order to obtain the data. Even if he had done so, this vulnerability would only make it possible not trivial to compromise the information.
Read more