Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability MS01-001 - The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me

	Categories
	Business Email Tools Games Home and Education Information Management Ipod Tools Linux Mac Multimedia and Graphics Network and Internet PDA Programming Shell and Desktop Themes Utilities Web Authoring Components and Source Code

	New Listing
	Vista FAT Partition Recovery Instant RAM Booster PDA Mobile Investigation Software Digital Pictures Salvage Software Bootlog XP Plato DVD to FLV Converter iBall USB Drive Recovery Moyea FLV Player Barcode Label Creator Any DVD Backup QuickTime DirectShow Filter for WMP 4Leaf MOV Video Splitter MP3 Player Files Recovery Software File Renamer Turbo Html Email Creator PowerLotto5 4Neurons Magnifying Glass OraLoader Convert Lotus Notes to Outlook IsItUp Network Monitor

	Related
	Mainstay Office 2000 Phtech Office 2000 Office 2000 Button Bar Office 2000 Training Small Office Home Office Brute Force Rar Brute Force Pc Rar Force Brute Zip Brute Force Brute Force Zip

Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability


	Download
	Report Error

Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

Freeware 312.0 KB Microsoft Corp.

Description of Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability MS01-001:
The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed l instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious userls web site l either by browsing to the site or by opening an HTML mail that initiated a session with it l an application on the site could capture the userls NTLM credentials. The malicious user could then use an offline brute force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources. The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another userls computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system. However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system. This download is for Windows ME (without Office 2000 installed).

Supported OS: Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows 2000, Windows XP, Windows 2003

User reviews: Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability Download

Notice: * - required fields

Popular terms of download Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability:

Attack, Brute-force, Logon, Microsoft Office, Office 2000, Submit

Software downloads related to Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

	LCP Password auditing and recovery tool for Windows NT/2000/XP/2003. Accounts information import. Passwords recovering by dictionary attack, brute force attack, hybrid of dictionary and brute force attacks.

	RAR Password Recovery RAR Password Recovery is a powerful tool to recover lost (forgotten) passwords for a RAR/WinRar archives. The program supports the Brute-Force attack, dictionary-based attack and dramatically fastest "Booost-Up" attack.

	SAMInside Fastest recovery of Windows NT/2000/XP/2003 users' passwords!Brute-force attack, mask attack, dictionary attack, pre-calculated tables attack, import from LC, LCP, LCS, HDT, LMNT.LST, PWDUMP files, etc.

	Word Password Recovery Word Password Recovery is a program to recover lost or forgotten passwords to the Microsoft Word 2003/2002/2000/97/95 documents protected with password for open. The program supports the "brute-force" attack, dictionary-based attack.

	Network Share Brute Forcer This program will try and gain access to shared folders on yournetwork using one of the following two methods:a) Brute force attackb) Dictionary attack

	Accent OFFICE Password Recovery You don't need to be a hacker in order to recover a lost password from an Office document. This utility supports a wide range of Office document formats and includes a Wizard that helps you to choose a proper password recovery strategy.

	Advanced Office 97 Password Recovery A program to recover lost passwords for Microsoft Office 97/2000 documents. The passwords for Access databases, write-reservation passwords, passwords for workbook and sheets and document protection passwords are being recovered instantly. The passwords

	Advanced Office 2000 Password Recovery (std) A program to recover lost or forgotten passwords to files/documents created in Microsoft Office applications: Word, Excel, Access (share-level), Money, IE. Most passwords are being recovered instantly; the password to open in Word/Excel 97/2000/XP can

	Advanced Archive Password Recovery A program to recover lost or forgotten passwords to ZIP, ARJ, RAR and ACE archives. Implements fast and customizable brute-force attack, dictionary-based attack and very effective known-plaintext attack. Supports WinZip AES encryption.

	Advanced Office XP Password Recovery Std A program to recover lost or forgotten passwords to files/documents created in Microsoft Office applications (all versions up to Office 2002/XP): Word, Excel, Access (share-level), Money, IE. Most passwords are being recovered instantly; the password