VULHUB ™

Microsoft has released a patch for a security vulnerability in an administrative utility that ships with Microsoft Windows NT 4.0, Terminal Server Edition. The utility creates a temporary file during execution that can contain security-sensitive information, but does not appropriately restrict access to it. As a result, a malicious user on the terminal server could read the file as it was being created. Microsoft FAQ on this issue is available here.

Microsoft has released a patch for a security vulnerability in an administrative utility that ships with Microsoft Windows NT 4.0, Terminal Server Edition. The utility creates a temporary file during execution that can contain security-sensitive information, but does not appropriately restrict access to it. As a result, a malicious user on the terminal server could read the file as it was being created. Microsoft FAQ on this issue is available here.