Terminal Server Denial of Service Attack with Duplicated Objects Between Sessions (229441)


The information in this article applies to:

  • Microsoft Windows NT Server 4.0 Terminal Server Edition
This article was previously published under Q229441

SYMPTOMS

A possible denial of service attack exists in Windows NT Server 4.0, Terminal Server Edition when objects containing session-specific information are duplicated between sessions.

CAUSE

Desktop and window station objects are system objects allocated by the object manager in global system memory and are accessible from all sessions. The problem occurs when a handle to a dekstop or window station is opened from one session and duplicated to a program running in another session.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT Server 4.0, Terminal Server Edition or the individual software update. For information on obtaining the latest service pack, please go to:
For information on obtaining the individual software update, contact Microsoft Product Support Services. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://support.microsoft.com/directory/overview.asp


STATUS

Microsoft has confirmed that this is a problem in Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT Server 4.0, Terminal Server Edition Service Pack 4.
Modification Type:MajorLast Reviewed:6/24/2004
Keywords:kbbug kbfix KB229441
©2004 Microsoft Corporation. All rights reserved.