Reported August 28, 2000 by Microsoft
- Microsoft Windows 2000 Professional, Server, and Advanced Server
Windows 2000's local security policy can become corrupted where a denial of service attack when then take place because of the system's inability to properly establish domain membership and trust relationships. Such an attack could be launched by any user that can establish an RPC connection and send certain commands in a specific sequence.
Microsoft is aware of the problem and has stated that systems with Windows 2000 Service Pack 1 (SP1) are protected against this vulnerability. A patch is available for systems without SP1 installed. in addition, microsoft has released FAQ #FQ00-62, as well as Support Online article Q269609.
Discovered by Microsoft