VULHUB ™

Microsoft Security Bulletin (MS00-099) - Microsoft has released a patch that eliminates a security vulnerability affecting Windows 2000 domain controllers. If the Configure Your Server tool was used when the machine was originally promoted to domain controller, the Directory Service Restore Mode would be left blank, allowing malicious users to log onto the machine in Directory Service Restore Mode. Once logged on, the malicious user could alter system components or install bogus ones that would execute when a bona fide administrator subsequently logged onto the machine. Microsoft FAQ on this issue available here.

Microsoft Security Bulletin (MS00-099) - Microsoft has released a patch that eliminates a security vulnerability affecting Windows 2000 domain controllers. If the Configure Your Server tool was used when the machine was originally promoted to domain controller, the Directory Service Restore Mode would be left blank, allowing malicious users to log onto the machine in Directory Service Restore Mode. Once logged on, the malicious user could alter system components or install bogus ones that would execute when a bona fide administrator subsequently logged onto the machine. Microsoft FAQ on this issue available here.