|
|
Windows 95/9/ME Security Warning: TCP File Sharing Vulnerable to Password Probes
If you're a Windows 95/98/ME user and you haven't yet installed Microsoft's
patch for "share level password" vulnerability, don't delay.
Without this patch (available from http://www.microsoft.com/technet/security/bulletin/fq00-072.asp),
a file share can be compromised by a malicious user. Your machine is open to
a single-character guess for your password, so an intruder can do damage even
without knowing the entire password.
Only share level access permissions on Windows 95/98/ME machines are vulnerable.
Because they can only be set up with user-level file share access controls,
Windows NT and Windows 2000 machines are not susceptible.
For complete information about this security problem, including answers to
frequently-asked questions, go to
http://www.microsoft.com/technet/security/bulletin/fq00-072.asp