windows2000 network property wizard Vulnerability: Windows NT 2000 memory password protection mechanisms to vulnerable affected versions:
Microsoft Windows NT 2000漏洞描述: Microsoft Windows NT 2000 Vulnerability Description:
Windows 2000的保护内存使用缺省的40位密码机制,而不是使用56位DES密码机制,或者168位Triple Protection of memory for Windows 2000 40-bit password using the default mechanism, rather than using 56-bit DES password mechanisms, or 168 Triple
DES密码机制。 DES password mechanism. 本地或者远程攻击者能利用这种虚弱的内存保护密码机制,能够获取用户的私匙。 Local or remote attacker can take advantage of this weakness of memory, password protection mechanisms to access the user's private key.
解决方法: Solution:
Microsoft 已经发布了相应的补丁: Microsoft has released a corresponding patch:
Microsoft Windows NT 2000: Microsoft Windows NT 2000:
Microsoft patch Q260219_W2K_SP1_x86_en Microsoft patch Q260219_W2K_SP1_x86_en
http://download.microsoft.com/download/win2000platform/Update/Q260219/N http://download.microsoft.com/download/win2000platform/Update/Q260219/N
T5/EN-US/Q260219_W2K_SP1_x86_en.EXE T5/EN-US/Q260219_W2K_SP1_x86_en.EXE
Tidak ada komentar:
Posting Komentar