Microsoft Update
Scan your computer for Windows and Office updates that you need
Windows NT 4.0 Terminal Server Edition Security Patch: Memory Leak in SNMP Vulnerability
Brief Description
This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows NT 4.0 Terminal Server Edition and is discussed in Microsoft Security Bulletin MS02-006.
On This Page
Quick Details
| File Name: | Q314147i.exe |
| Version: | Q314147 |
| Security Bulletins: | MS02-006 |
| Knowledge Base (KB) Articles: | KB314147 |
| Date Published: | 2/13/2002 |
| Language: | English |
| Download Size: | 112 KB |
| Estimated Download Time: | 1 min 56K |
|
| Change Language: | |
Overview
This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows NT 4.0 Terminal Server Edition and is discussed in Microsoft Security Bulletin MS02-006. Download now to prevent a malicious user from running code of their choice or launching a Denial of Service (DoS) attack on your computer.
The vulnerability exists because a component of the SNMP agent service that interprets incoming commands contains an unchecked buffer (a temporary data storage area that has a limited capacity). By sending a malformed request, it is possible to carry out a buffer overrun attack against an affected system.
Note The SNMP service is neither installed nor running by default in any version of Windows. 
Top of page
System Requirements
- Supported Operating Systems: Windows NT
Windows NT4.0, Terminal Server Edition Top of page
Instructions
After you click on the Download Link, you will see a dialog with the question "What would you like to do with this file?"
If you choose to "Run this program from it's current location" it will automatically install the program to your
computer.
If you choose "Save this program to a disk" you will be prompted for a location to save the file to. Once saved
you will need to open the .exe file to run the program.
Top of page
Additional Information
Who should read this bulletin: System administrators who use Simple Network Management Protocol to manage Microsoft® Windows® 95, 98, 98SE, Windows NT® 4.0, Windows 2000 or Windows XP systems
Impact of vulnerability: Denial of Service, potentially run code of attacker’s choice
Maximum Severity Rating: Moderate
Recommendation: Customers using SNMP on Windows 2000 and Windows XP should apply the patch. All other customers should disable SNMP service if running; apply patch when available
Affected Software:
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP Top of page
