Fixes Required in TCSEC C2 Security Evaluation Configuration for Windows NT 4.0 Service Pack 6a (244599)


The information in this article applies to:

  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server 4.0 SP1
  • Microsoft Windows NT Server 4.0 SP2
  • Microsoft Windows NT Server 4.0 SP3
  • Microsoft Windows NT Server 4.0 SP4
  • Microsoft Windows NT Server 4.0 SP5
  • Microsoft Windows NT Server 4.0 SP6a
  • Microsoft Windows NT Server, Enterprise Edition 4.0
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP4
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP5
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP6a
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Workstation 4.0 SP1
  • Microsoft Windows NT Workstation 4.0 SP2
  • Microsoft Windows NT Workstation 4.0 SP3
  • Microsoft Windows NT Workstation 4.0 SP4
  • Microsoft Windows NT Workstation 4.0 SP5
  • Microsoft Windows NT Workstation 4.0 SP6a
This article was previously published under Q244599

SUMMARY

The "Administrator's and User's Security Guide for Windows NT 4.0" is the official document that specifies the exact procedures to configure Windows NT 4.0 as a Trusted Computer System Evaluation Criteria (TCSEC) C2 compliant system. This guide is available from the following Microsoft Web site:

Administrator's and User's Security Guide for Windows NT 4.0

These procedures include the installation of Windows NT 4.0 Service Pack 6a and a Post-SP6a hotfix called the "C2 Update."

MORE INFORMATION

The C2 Update corrects the following problems in Windows NT 4.0:
  • NetBT disallows unprivileged user mode programs from sharing TCP and UDP ports that are opened by NetBT. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

    241041 Enabling NetBT to Open TCP and UDP Ports Exclusively

  • Device drivers create their corresponding DeviceObject with FILE_DEVICE_SECURE_OPEN DeviceCharacteristics. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

    243405 Device Drivers Create Their Corresponding DeviceObject with FILE_DEVICE_SECURE_OPEN DeviceCharacteristics

  • Jet500 creates events and semaphores objects with non-NULL ACLs. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

    243404 ACLs Associated with Events and Semaphores Created by JET500.DLL

The following files are available for download from the Microsoft Download Center:

English (US) (x86):
DownloadDownload Q244599i.exe now

English (US) (Alpha):
DownloadDownload Q244599a.exe now

Chinese (Simplified) (x86):
DownloadDownload Q244599i.exe now

Chinese (Simplified) (Alpha):
DownloadDownload Q244599a.exe now

Chinese (Traditional) (x86):
DownloadDownload Q244599i.exe now

Chinese (Traditional) (Alpha):
DownloadDownload Q244599a.exe now

Danish (x86):
DownloadDownload Q244599i.exe now

Danish (Alpha):
DownloadDownload Q244599a.exe now

Dutch (x86):
DownloadDownload Q244599i.exe now

Dutch (Alpha):
DownloadDownload Q244599a.exe now

Finnish (x86):
DownloadDownload Q244599i.exe now

Finnish (Alpha):
DownloadDownload Q244599a.exe now

French (x86):
DownloadDownload Q244599i.exe now

French (Alpha):
DownloadDownload Q244599a.exe now

German (x86):
DownloadDownload Q244599i.exe now

German (Alpha):
DownloadDownload Q244599a.exe now

Hungarian (x86):
DownloadDownload Q244599i.exe now

Hungarian (Alpha):
DownloadDownload Q244599a.exe now

Italian (x86):
DownloadDownload Q244599i.exe now

Italian (Alpha):
DownloadDownload Q244599a.exe now

Japanese (x86):
DownloadDownload Q244599i.exe now

Japanese (Alpha):
DownloadDownload Q244599a.exe now

Japanese (NEC):
DownloadDownload Q244599n.exe now

Korean (x86):
DownloadDownload Q244599i.exe now

Korean (Alpha):
DownloadDownload Q244599a.exe now

Norwegian (x86):
DownloadDownload Q244599i.exe now

Norwegian (Alpha):
DownloadDownload Q244599a.exe now

Polish (x86):
DownloadDownload Q244599i.exe now

Polish (Alpha):
DownloadDownload Q244599a.exe now

Portuguese (Brazil) (x86):
DownloadDownload Q244599i.exe now

Portuguese (Brazil) (Alpha):
DownloadDownload Q244599a.exe now

Russian (x86):
DownloadDownload Q244599i.exe now

Russian (Alpha):
DownloadDownload Q244599a.exe now

Spanish (x86):
DownloadDownload Q244599i.exe now

Spanish (Alpha):
DownloadDownload Q244599a.exe now

Swedish (x86):
DownloadDownload Q244599i.exe now

Swedish (Alpha):
DownloadDownload Q244599a.exe now For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. NOTE: The C2 Update also includes the binary files required in the Spooler-fix described in the following article in the Microsoft Knowledge Base:

243649 Unchecked Print Spooler Buffer May Expose System Vulnerability

Modification Type:MajorLast Reviewed:4/20/2006
Keywords:kbgraphxlinkcritical kbinfo KB244599
©2004 Microsoft Corporation. All rights reserved.