General 8066 Published by

Microsoft Security Bulletin MS00-032 announces the availability of a patch that eliminates a vulnerability in Microsoft:registered: Windows 2000.

What´s the scope of the vulnerability?

This vulnerability could make it easier for a malicious user to compromise sensitive data belonging to a Windows 2000 user. By design, Windows 2000 should encrypt this data using the strongest cryptography available on the machine, but, because of the vulnerability, it´s actually protected with weaker cryptography.

Before a malicious user could attempt to exploit this vulnerability, he would need to have already gained complete control over the user´s machine in order to obtain the data. Even if he had done so, this vulnerability would only make it possible not trivial to compromise the information.

Read more