Windows NT 4.0 prior to Service Pack 3

Risk Level: Medium risk vulnerability  Medium

Check or Attack Name: NT 4.0 SP3
Platforms: Windows NT
Description:

Windows NT 4.0 Service Pack 3 (SP3) has not been installed. A number of security patches and enhancements are available in SP3, including:

  • Making the registry unavailable to null sessions (Registry opened through a null session).
  • Allowing user and share enumeration via null sessions to be disabled (Users enumerated through a null session, Shares Enumerated through a null session).
  • Correcting a problem where a machine can be crashed by malformed SMB packets (Windows NT SMB logon DoS).
  • Providing several fixes made available as post-SP2 hotfixes. (IIS ASP dot bug in Microsoft Servers, DNS version vulnerable to denial of service, Windows NT kernel outdated, Out of band crash, and Windows NT SP2 security patches)
  • Including the capability to filter passwords for those found in a dictionary (Windows NT username same as password, Windows NT Administrator username same as password).

Due to the large number of security-related fixes in Service Pack 3, we strongly recommend applying this service pack. Several of these fixes are not available for Windows NT 3.51 and earlier versions, therefore we highly recommend upgrading any machines to SP3, which are running versions of Windows NT prior to 4.0.
Remedy:

Apply the latest Windows NT 4.0 Service Pack, follow these steps:

  1. Open a web browser.
  2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks/ and follow the directions to download the appropriate service pack for your computer.
  3. Find the installation program you downloaded to your computer.
  4. Double-click the program icon to start the installation.
  5. Follow the installation directions.
References:

Microsoft Knowledge Base Article Q147798, Windows NT 4.0 Service Pack 3 Readme.txt File (128-bit), http://support.microsoft.com/support/kb/articles/Q147/7/98.asp

Microsoft Knowledge Base Article Q152841, Windows NT 4.0 Service Pack 3 Readme.txt File (40-bit), http://support.microsoft.com/support/kb/articles/Q152/8/41.asp

Microsoft FTP Server for Windows NT 4.0 SP3, Microsoft Windows NT 4.0 Workstation and Windows NT 4.0 Server Service Pack 3 Readme File, ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/ussp3/readme.htm
X-Force Logo
Know Your Risks