HOME UtilitiesPatches and Updates Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability Download

The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed l instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious userls web site l either by browsing to the site or by opening an HTML mail that initiated a session with it l an application on the site could capture the userls NTLM credentials. The malicious user could then use an offline brute force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources. The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another userls computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system. However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system. This download is for Windows ME (without Office 2000 installed).

To start download the software please click here: Site 1

If you can not download this product please report us broken link

Software downloads related to Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

Microsoft Windows ME Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows ME provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'HyperTerminal Buffer Overflow' Vulnerability
The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a... more info download

Microsoft Windows ME Security Patch: 'Malformed IPX NMPI Packet' Vulnerability
The Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does not filter the requesting computer's network... more info download

Microsoft Windows 95 Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows 95 provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'WebTV for Windows Denial of Service' Vulnerability
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or... more info download

KingConvert Microsoft Windows Phone Video Converter
Microsoft Windows Phone Video Converter is software for 3GP/3GP2/AVI/MP4 file conversion of portable video device such as mobile phone, iPod, PSP, etc. more info download

Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability
The Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does not filter the requesting computer's network... more info download

Microsoft Windows NT 4.0 Security Patch and Windows 95/98/98SE/ME Workaround : 'Incomplete TCP/IP Packet' Vulnerability
There is a denial of service vulnerability that affects Windows NT 4.0 Windows 95, 98, 98 Second Edition and Windows Me. (Windows 2000 is not affected by this vulnerability.) By sending a flood of specially malformed TCP/IP packets to a victimls... more info download

Microsoft Windows 98/98SE Security Patch: 'HyperTerminal Buffer Overflow' Vulnerability
The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a... more info download

Microsoft Windows 98/98SE Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows 98/98SE provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised,... more info download

Microsoft Windows ME Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows ME provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'WebTV for Windows Denial of Service' Vulnerability
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or... more info download

Popular Downloads

Microsoft Office 2000 Service Release 2 (SR-2) (English Edition)
Office 2000 SP-2 provides the latest product updates to Office 2000 Service Release 1 (SR-1). Office 2000 SP-2 is particularly useful to corporate customers, and can also be installed by small business or individual users. This update can be... more info download

F-Secure AntiVirus Definition Update
Get the latest virus definition update for F-Secure AntiVirus. With multiple scanning engines, F-Secure AntiVirus is the most comprehensive, real-time virus scanning and protection system for all Windows platforms. It is a three-tiered solution... more info download

Microsoft Office 2000 Service Release 2 (SR-2) (German Edition)
Office 2000 SP-2 provides the latest product updates to Office 2000 Service Release 1 (SR-1). Office 2000 SP-2 is particularly useful to corporate customers, and can also be installed by small business or individual users. This update can be... more info download

Microsoft Outlook 98 Update: E-mail Security
To help protect you against most viruses spread via attachments in e-mail, Microsoft has introduced a significant security enhancement for Outlookę 98 and 2000 S the Outlook 2000 SR-1 E-mail Security Update and the Outlook 98 E-mail Security... more info download

Five Chess
Five Chess is a classical Chinese Chess game. You and the opponent will take turn to place one chess at a time to the empty cross point at the board. Whoever first puts 5 chesses in a row, column or diagonal will win. For more information, please... more info download

Xbox Cheat Codes Ebook
This is a collection of Xbox cheat codes, hints and tips in the form of an e-book. The full version contains the cheat codes, hints and tips for over 300 games. It is useful if you would like to keep all the cheats, tips and hints under one file,... more info download

Microsoft Word 97 Update: 'Word Mail Merge' Vulnerability
The Word 97 Mail Merge Security Update protects you from a vulnerability in the mail merge function in Word with Access databases as a data source. Because the mail merge function in Word can allow an Access database to run macro code... more info download

Microsoft Outlook 2000 SR-1 Email security update
To help protect you against most viruses spread via attachments in e-mail, Microsoft has introduced a significant security enhancement for Outlookę 98 and 2000the Outlook 2000 SR-1 E-mail Security Update and the Outlook 98 E-mail Security Update.... more info download

Microsoft Word 2000 Update: 'Word Mail Merge' Vulnerability
The Word 2000 Mail Merge Security Update protects you from a vulnerability in the mail merge function in Word with Access databases as a data source. Because the mail merge function in Word can allow an Access database to run macro code... more info download

Microsoft SQL Server 7.0 (including MS Data Engine 1.0) Security Patch: 'Extended Stored Procedure Parameter Parsing' Vu
This is a buffer overrun vulnerability. A malicious user could exploit this vulnerability in either of two ways. In the simplest case, he or she could use the vulnerability to cause the SQL Server service to fail. In the more complex case, he or... more info download