Event 560 When Opening a Read-Only File for Read Access (130487)
The information in this article applies to:
- Microsoft Windows NT Workstation 3.5
- Microsoft Windows NT Server 3.5
This article was previously published under Q130487 SYMPTOMS
If a file has only read and execute permissions, event 560 (Audit Failure)
may be written to the security log when the file is opened for read
access. For this symptom to occur, auditing for file write failure must be
enabled.
STATUS
Microsoft has confirmed this to be a problem in Windows NT version 3.5. A
fix to this problem is in development, but has not been regression-tested
and may be destabilizing in production environments. Microsoft does not
recommend implementing this fix at this time. Contact Microsoft Product
Support Services for more information on the availability of this fix.
| Modification Type: | Major | Last Reviewed: | 10/13/2003 |
|---|
| Keywords: | KB130487 |
|---|
|