|
Clearing The Security Log - Bug Systems Affected Windows NT 4.0 with Service Pack 3, no hotfixes Description: A bug has been identified with the control of user rights when clearing the security event log. If a user has been given the right "Manage auditing and security log", they can clear the Security Event Log without the action logging the Event 517: Audit log has been cleared. This problem does not occur with administrators (whether they have the right or not). I have tested the fix outlined in kb article q142615 to see if this resolves the problem, however the event is still not logged. Scenario: The user logs onto the master domain on a workstation which is a member of the master domain. The user account is a member of Domain Users and Server Operators with the user right "Manage auditing and security log". The user opens the Event Viewer to the Security Log and selects to Clear. The server is Windows NT 4.0 (SP3, no hotfixes) and the workstation is Windows NT 4.0
(SP3, no hotfixes). To learn more about new NT security concerns, subscribe to NTSD. Credit:Reported by: Elvio Serrao ([email protected]) Posted here at NTSecurity.Net |
Clearing the NT Security Log
0 comments
Hide comments
Cybersecurity Workforce Sustainability Has a Problem. DEI Could Be the Solution.
May 06, 2024
Cybersecurity Acronyms Cheat Sheet
May 06, 2024
How to Ensure Data Protection, IT Security, and Compliance in Life Sciences
Apr 30, 2024
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024