I've gotten a ton of email about two new post-SP4 hot-fixes for Windows NT 4.0; sorry for not thanking you all personally, but the sheer amount of mail made this impossible. In any event, SP4 users should at least check these out.
The first hot-fix fixes a problem where someone with physical access to a locked console on a Windows NT 4.0 SP4 system is able to retrieve the first line of text from the logged-on user's clipboard. This is done by pasting the clipboard contents into the User name field of the Unlock Workstation dialog box with the CTRL+V keyboard shortcut. This problem does not affect Terminal Server connections.
The fix for this potential attack can be found on the Microsoft FTP site.
The second hot-fix fixes a problem that occurs when a user has changed their Windows NT domain account password from a LAN Manager client such as Windows for Workgroups or OS/2. After the user's password is changed this way, that account may be used to log on interactively and to make network connections from other systems using a blank password. This problem does not occur when the password is changed from Win32 clients, such as Windows 95, Windows 98, or Windows NT.
The fix for this security problem can also be found on the Microsoft FTP site.
In both cases, make sure to read the included README and Knowledge Base articles before installing.