Relative Path Issue Can Allow Program to Be Run Under the System Context (303628)


The information in this article applies to:

  • Microsoft Windows NT Server 4.0 Terminal Server Edition SP4
  • Microsoft Windows NT Server 4.0 Terminal Server Edition SP5
  • Microsoft Windows NT Server 4.0 Terminal Server Edition SP6
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server 4.0 SP1
  • Microsoft Windows NT Server 4.0 SP2
  • Microsoft Windows NT Server 4.0 SP3
  • Microsoft Windows NT Server 4.0 SP4
  • Microsoft Windows NT Server 4.0 SP5
  • Microsoft Windows NT Server 4.0 SP6a
  • Microsoft Windows NT Server, Enterprise Edition 4.0
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP4
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP5
  • Microsoft Windows NT Server, Enterprise Edition 4.0 SP6a
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Workstation 4.0 SP1
  • Microsoft Windows NT Workstation 4.0 SP2
  • Microsoft Windows NT Workstation 4.0 SP3
  • Microsoft Windows NT Workstation 4.0 SP4
  • Microsoft Windows NT Workstation 4.0 SP5
  • Microsoft Windows NT Workstation 4.0 SP6a
This article was previously published under Q303628

SYMPTOMS

A domain user could potentially run a process under the System context if the program file is renamed as a screen saver file in the root folder of the system drive. System must have Read rights to the folder under which the process is renamed.

RESOLUTION

Windows NT 4.0

To resolve this problem, obtain the Windows NT 4.0 Security Rollup Package. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

299444 Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)

Microsoft Windows NT Server version 4.0, Terminal Server Edition

To resolve this problem, obtain the Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For additional information about the SRP, click the article number below to view the article in the Microsoft Knowledge Base:

317636 Windows NT Server 4.0, TerminalServer Edition, Security Rollup Package

STATUS

Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft Windows NT 4.0 and Windows NT Server version 4.0, Terminal Server Edition.
Modification Type:MajorLast Reviewed:5/14/2003
Keywords:kbbug kbfix kbSecurity KB303628
©2002 Microsoft Corporation. All rights reserved.