Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Syskey Keystream Reuse Vulnerability
A vulnerability exists in Syskey, a utility that provides additional protection for Microsoft® Windows NT® password databases. The vulnerability allows a particular cryptanalytic attack to be effective against Syskey, significantly reducing the strength of the protection it offers.
Issue
Syskey is a utility that strongly encrypts the hashed password information in the SAM database in order to protect it against offline password cracking attacks. However, Syskey reuses the keystream used to perform some of the encryption. This significantly reduces the strength of the protection it provides by enabling a well-known cryptanalytic attack to be used against it.
A patch is available that eliminates the key reuse vulnerability and again makes it computationally infeasible to mount a brute-force attack against the SAM database when Syskey has been applied.
Affected Products
- Windows NT Server, Enterprise, Terminal Server and Workstation 4.0
Download
Patch: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16798
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: December 16, 1999
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
