HOME UtilitiesPatches and Updates Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability MS01-001

Description of Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability MS01-001:
The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed l instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious userls web site l either by browsing to the site or by opening an HTML mail that initiated a session with it l an application on the site could capture the userls NTLM credentials. The malicious user could then use an offline brute force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources. The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another userls computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system. However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system. This download is for Windows ME (without Office 2000 installed).

Supported OS: Windows XP, Windows NT, Windows Me, Windows 98, Windows 95, Windows 3.x, Windows 2003, Windows 2000

User reviews: Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability Download

Name: *
Email:
Review: *

 

Popular terms of download Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability:

Software downloads related to Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

Microsoft Windows ME Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows ME provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'HyperTerminal Buffer Overflow' Vulnerability
The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a... more info download

Microsoft Windows ME Security Patch: 'Malformed IPX NMPI Packet' Vulnerability
The Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does not filter the requesting computer's network... more info download

Microsoft Windows 95 Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows 95 provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'WebTV for Windows Denial of Service' Vulnerability
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or... more info download

KingConvert Microsoft Windows Phone Video Converter
Microsoft Windows Phone Video Converter is software for 3GP/3GP2/AVI/MP4 file conversion of portable video device such as mobile phone, iPod, PSP, etc. more info download

Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability
The Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does not filter the requesting computer's network... more info download

Microsoft Windows NT 4.0 Security Patch and Windows 95/98/98SE/ME Workaround : 'Incomplete TCP/IP Packet' Vulnerability
There is a denial of service vulnerability that affects Windows NT 4.0 Windows 95, 98, 98 Second Edition and Windows Me. (Windows 2000 is not affected by this vulnerability.) By sending a flood of specially malformed TCP/IP packets to a victimls... more info download

Microsoft Windows 98/98SE Security Patch: 'HyperTerminal Buffer Overflow' Vulnerability
The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a... more info download

Microsoft Windows 98/98SE Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows 98/98SE provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised,... more info download

Microsoft Windows ME Security Patch: 'Share Level Password' Vulnerability
Microsoft Windows ME provides a password protection feature referred to as (share level access) for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a file share could be compromised, by a... more info download

Microsoft Windows ME Security Patch: 'WebTV for Windows Denial of Service' Vulnerability
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or... more info download

News related to Microsoft Windows ME Security Patch: 'Web Client NTLM Authentication' Vulnerability

Download OPWS27.113-45-4 June 2018 Security Patch On Moto G6 Plus - Get Droid Tips (blog)
Get Droid Tips (blog)
Today Motorola started rolling the new update for Moto G6 Plus device with Monthly Android Security patch for June 2018. The update is based on the latest Android 8.0 Oreo. The update is labeled with build number...
Download NPSS26.116-64-11 June 2018 Security Patch On Moto G5S Plus [Sanders] - Get Droid Tips (blog)
Get Droid Tips (blog)
Today Motorola started rolling the new update for Moto G5S Plus (codename: sander) device with Monthly Android Security patch for June 2018. The update is based on the latest Android 7.1.1 Nougat. The update is...
Asus ZenFone 5Z Gets Improved Camera, June Security Patch, and More With First Major Update - NDTV
NDTV
As per information shared by Asus in a Zentalk thread, the update with software version 80.11.37.79 is currently available over the air. The company has provided the complete India ... the Android security patch for June 5, 2018....
Download J106HJVS0ARF3 July 2018 Security Patch for Galaxy J1 Mini Prime - Get Droid Tips (blog)
Get Droid Tips (blog)
Samsung is rolling out the July 2018 security patch for the Galaxy J1 Mini Prime (SM-J106H). This bumps the new build number J106HJVS0ARF3 to the device. The latest July 2018 software only steps up the security level...
Download G950FXXS3CRGD July 2018 Security Patch for Galaxy S8 - Get Droid Tips (blog)
Get Droid Tips (blog)
Samsung is rolling out the July 2018 security patch for the Galaxy S8 (SM-G950F). This bumps the new build number G950FXXS3CRGD based on Android 8.0 Oreo. The latest July 2018 software only steps up the security...
Microsoft Windows Security Updates April 2018 release overview - Ghacks Technology News
Ghacks Technology News
KB4093111 -- Cumulative Security Update for Windows 10. KB4093223 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Patches Microsoft graphics remote code execution issue. KB4093224 -- Security...
Microsoft Windows Security Updates July 2018 release overview - Ghacks Technology News
Ghacks Technology News
It is July 10, 2018 today and that means it is time for our monthly Microsoft Patch Day overview. Microsoft releases security updates for company products on the second Tuesday of each month. Our coverage includes...
Windows 10 Lean: Latest build offers first glimpse of Microsoft's new cut-down OS - ZDNet
ZDNet
Windows 10: Microsoft to boost Linux app security with Windows Defender firewall. Microsoft preps new Windows 10 security features to ensure system integrity during start-up and after it's running. Microsoft: Switching out of...
Microsoft Windows Security Updates May 2018 release overview - Ghacks Technology News
Ghacks Technology News
Fixed web workers communication issue in Internet Explorer. Internet Explorer and Microsoft Edge update to respect video preload flag. Addressed an issue caused by rate using job objects that could cause CPU spikes,...
Download Windows 7 KB4093114 and Windows 8.1 KB4093118 to fix bugs - WindowsLatest (blog)
WindowsLatest (blog)
Microsoft is also releasing security updates to Internet Explorer, Microsoft graphics component, Windows Server, Windows datacenter networking, Microsoft scripting engine, Windows app platform, frameworks, Windows...