Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Relative Shell Path Vulnerability
A security vulnerability exists in Microsoft® Windows NT® 4.0 and Windows® 2000 which could enable a malicious user to cause code of his choice to run when another user subsequently logged onto the same machine.
Issue
The registry entry that specifies the Windows Shell executable (Explorer.exe) provides a relative, rather than absolute, path name. Because of the circumstances in place at system startup time, the normal search order would cause any file named Explorer.exe in the %Systemdrive%\ directory to be loaded in place of the bona fide version. This could provide an opportunity for a malicious user to cause code of his choice to run when another user subsequently logged onto the same machine.
Under normal conditions, the malicious user could only exploit this vulnerability on machines that he could interactively log onto. As a result, workstations and terminal servers would be the machines primarily at risk.
Affected Products
- Windows NT/2000
Solution
Software patches are available from the following locations:
- Microsoft Windows NT 4.0 Workstation, Server, Enterprise Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23360 - Microsoft Windows NT 4.0 Terminal Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23421 - Microsoft Windows 2000: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23359
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: July 28, 2000
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
