Critical Vulnerability Found in Domain Controllers

Microsoft alerted users to a critical unchecked buffer vulnerability in a service that is enabled by default on Windows 2000 and Windows NT 4.0 domain controllers.

The alert was one of three security alerts that Microsoft sent to users on Wednesday night. The other new security holes both rate as "moderate" vulnerabilities in Microsoft's threat risk scale. The affected products are Content Management Server 2001 and Outlook 2002. The three alerts were the first batch of security bulletins out of Redmond for 2003.

The critical problem in Windows 2000 and Windows NT 4.0 domain controllers involves the Locator service, which maps logical names to network-specific names. The service is present in Windows NT 4.0, Windows 2000 and Windows XP, although it is only enabled by default in domain controllers.

According to Microsoft, the vulnerability could allow code of an attacker's choice to be executed. To exploit the vulnerability, an attacker would have to send a specially malformed request to the Locator service. Microsoft contends that a properly configured firewall would block Internet-based attackers from exploiting the hole.

A patch for the vulnerability is available at

Microsoft developed a cumulative patch in fixing the new flaw affecting Content Management Server 2001. The flaw, which does not affect the newer Content Management Server 2002, requires an attacker to follow a complex series of technical and social engineering steps, one of which would be to lure a victim user to a page. Once there, the attacker could wrongfully obtain information disclosed by the user.

The cumulative patch can be found at

The Outlook 2002 flaw addressed in the third bulletin could result in supposedly encrypted messages being sent in plain text. When users select a less common method of encryption, known as V1 Exchange Server Security Certificates, their HTML e-mail messages can go out in plain text.

"As a result of this flaw, Outlook fails to encrypt the mail correctly and the message will be sent in plain text. This could cause the information in the e-mail to be exposed when the user believed it to be protected through encryption," Microsoft's security bulletin reads.

A patch for the Outlook 2002 flaw is available at

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

  • How To Dynamically Lock Down an Unattended Windows 10 PC

    One of the biggest security risks in any organization happens when a user walks away from their PC without logging out. Microsoft has the solution (and it's not a password-protected screensaver).

  • First Stable Chromium-Based Microsoft Edge Browser Released

    Microsoft on Wednesday announced the first release of its Chromium-based Microsoft Edge browser at the "stable" commercial-release stage.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.