Patch Available for "Share Level Password" Vulnerability (273991)


The information in this article applies to:

  • Microsoft Windows Millennium Edition
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows 98
  • Microsoft Windows 95
This article was previously published under Q273991

SYMPTOMS

Microsoft has released a patch that eliminates a security vulnerability in Windows 95, Windows 98, Windows 98 Second Edition, and Windows Millennium Edition (Me). This vulnerability could allow a malicious user to programmatically obtain access to a file share without knowing the entire password that is assigned to that share. For answers to frequently asked questions about this vulnerability and the patch, please view the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/fq00-072.mspx

NOTE: This update has been superceded as described in the following Microsoft Knowledge Base article:

273727 Denial of Service Possible on an IPX/SPX Protocol Using the Name Management Port

NOTE: To more effectively search the Microsoft Knowledge Base, use keywords that relate to your issue. If you are searching for troubleshooting information that is not mentioned in this article, search the Microsoft Knowledge Base again by using keywords that are listed in the following Microsoft Knowledge Base article:

242450 How to Query the Microsoft Knowledge Base Using Keywords

CAUSE

This problem can occur because of the way the share-level access control password feature is implemented. With this implementation, a malicious user can use a special client utility to gain access to a share without knowing the entire password that is required to access that share.

RESOLUTION

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that are experiencing this specific problem.

To resolve this problem, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix should have the following file attributes or later:
   Date      Time     Version     Size    File name     Operating system
   -----------------------------------------------------------------------
   10/19/2000  06:52p 4.00.955    108,288 Vserver.vxd   Windows 95
   10/17/2000  01:44p 4.00.1113   112,904 Vserver.vxd   Windows 95B or 95C
   10/11/2000  12:54p 4.10.2001   112,912 Vserver.vxd   Windows 98
   09/15/2000  05:18p 4.10.2224   112,912 Vserver.vxd   Windows 98 Second 
                                                        Edition
   09/25/2000  06:34p 4.90.3001   112,896 Vserver.vxd   Windows Me

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

Microsoft Windows provides two types of security protection for file and printer sharing. You can select the type of security protection on the Access Control tab in the Network tool in Control Panel.

The first type of security protection is share-level access control. When you use this method, the type of access to grant is controlled by which of two passwords is used to request access. One password specifies read-only access, and the other specifies full access.

The second type of security protection is user-level access control. This method allows you to specify what type of access to grant to specific users. User-level access control does not require the use of passwords to decide what access type to grant.

Because it is the password verification feature that is vulnerable, only share-level access control is affected. To avoid this issue, computers that are part of a Windows-based domain should be set to use user-level access control.

NOTE: Computers that are running Microsoft Windows NT or Microsoft Windows 2000 can only use user-level access control and are not susceptible to this vulnerability.

For additional information about Windows 95 hotfixes, click the article number below to view the article in the Microsoft Knowledge Base:

161020 Implementing Windows 95 Updates

For additional information about Windows 98 and Windows 98 Second Edition hotfixes, click the article number below to view the article in the Microsoft Knowledge Base:

206071 General Information on Windows 98 and SE Hotfixes

For additional information about Windows Me hotfixes, click the article number below to view the article in the Microsoft Knowledge Base:

295413 General Information About Windows Millennium Edition Hotfixes

Modification Type:MinorLast Reviewed:10/18/2005
Keywords:kbHotfixServer kbQFE kbenv kbprb kbQFE KB273991
©2004 Microsoft Corporation. All rights reserved.