Windows Nt Microsoft Windows Nt

Do you want an email whenever new security vulnerabilities are reported in Microsoft Windows Nt?

Recent Microsoft Windows Nt Security Advisories

Advisory Title Published
CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability November 14, 2023
CVE-2023-24900 Windows NTLM Security Support Provider Information Disclosure Vulnerability May 9, 2023
CVE-2023-28225 Windows NTLM Elevation of Privilege Vulnerability April 11, 2023
CVE-2023-21746 Windows NTLM Elevation of Privilege Vulnerability January 10, 2023
CVE-2022-35770 Windows NTLM Spoofing Vulnerability October 11, 2022
CVE-2022-26933 Windows NTFS Information Disclosure Vulnerability May 10, 2022
CVE-2022-23298 Windows NT OS Kernel Elevation of Privilege Vulnerability March 8, 2022
CVE-2022-23297 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability March 8, 2022
CVE-2021-43229 Windows NTFS Elevation of Privilege Vulnerability December 14, 2021
CVE-2021-43230 Windows NTFS Elevation of Privilege Vulnerability December 14, 2021

By the Year

In 2024 there have been 0 vulnerabilities in Microsoft Windows Nt . Windows Nt did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Windows Nt vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Nt Security Vulnerabilities

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which

CVE-2010-0232 - January 21, 2010

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."

Permissions, Privileges, and Access Controls

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors

CVE-2008-4609 - October 20, 2008

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Configuration

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008

CVE-2008-1086 - April 08, 2008

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

Code Injection

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file

CVE-2005-4717 - December 31, 2005

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x

CVE-2003-1048 7.8 - High - July 27, 2004

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

Double-free

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed

CVE-2003-0813 - November 17, 2003

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.

TOCTTOU

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which

CVE-2002-0862 - October 04, 2002

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Improper Certificate Validation

NTFS file system in Windows NT 4.0 and Windows 2000 SP2

CVE-2002-0725 5.5 - Medium - September 05, 2002

NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.

insecure temporary file

Integer overflow in xdr_array function in RPC servers for operating systems

CVE-2002-0391 9.8 - Critical - August 12, 2002

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Integer Overflow or Wraparound

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which

CVE-2001-1452 7.5 - High - August 31, 2001

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.

Origin Validation Error

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which

CVE-2001-0006 7.1 - High - February 12, 2001

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability.

Incorrect Permission Assignment for Critical Resource

A Windows NT administrator account has the default name of Administrator.

CVE-1999-0585 - July 01, 2000

A Windows NT administrator account has the default name of Administrator.

A system does not present an appropriate legal message or warning to a user who is accessing it.

CVE-1999-0590 - June 01, 2000

A system does not present an appropriate legal message or warning to a user who is accessing it.

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts

CVE-2000-1218 9.8 - Critical - April 14, 2000

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Origin Validation Error

Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server

CVE-2000-0129 - February 04, 2000

Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.

A Windows NT system does not clear the system page file during shutdown, which might

CVE-1999-0595 - January 20, 2000

A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.

Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which

CVE-1999-1127 7.5 - High - December 31, 1999

Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.

Missing Release of Resource after Effective Lifetime

Denial of service in Windows NT messenger service through a long username.

CVE-1999-0224 - July 23, 1999

Denial of service in Windows NT messenger service through a long username.

Denial of service in RAS/PPTP on NT systems.

CVE-1999-0140 - June 30, 1999

Denial of service in RAS/PPTP on NT systems.

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets

CVE-1999-0444 - April 12, 1999

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

Windows NT 4.0 beta

CVE-1999-0119 - January 19, 1999

Windows NT 4.0 beta allows users to read and delete shares.

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused

CVE-1999-0391 - January 05, 1999

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

CVE-1999-0579 - January 01, 1999

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

Windows NT TCP/IP processes fragmented IP packets improperly

CVE-1999-0226 - January 01, 1999

Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.

Data Processing Errors

Denial of service in telnet

CVE-1999-0285 - January 01, 1999

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

Windows NT automatically logs in an administrator upon rebooting.

CVE-1999-0549 - January 01, 1999

Windows NT automatically logs in an administrator upon rebooting.

A system-critical Windows NT file or directory has inappropriate permissions.

CVE-1999-0560 - January 01, 1999

A system-critical Windows NT file or directory has inappropriate permissions.

Windows NT is not using a password filter utility, e.g

CVE-1999-0570 - January 01, 1999

Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.

CVE-1999-0577 - January 01, 1999

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.

A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.

CVE-1999-0578 - January 01, 1999

A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.

The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate

CVE-1999-0581 - January 01, 1999

The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.

A Windows NT domain user or administrator account has a guessable password.

CVE-1999-0505 - October 01, 1998

A Windows NT domain user or administrator account has a guessable password.

A Windows NT domain user or administrator account has a default

CVE-1999-0506 - October 01, 1998

A Windows NT domain user or administrator account has a default, null, blank, or missing password.

The Windows NT guest account is enabled.

CVE-1999-0546 - October 01, 1998

The Windows NT guest account is enabled.

Bonk variation of teardrop IP fragmentation denial of service.

CVE-1999-0258 - February 13, 1998

Bonk variation of teardrop IP fragmentation denial of service.

Listening TCP ports are sequentially allocated

CVE-1999-0074 - July 01, 1997

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.

CVE-1999-0275 - June 10, 1997

Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.

Denial of service through Winpopup using large user names.

CVE-1999-0292 - April 01, 1997

Denial of service through Winpopup using large user names.

A version of finger is running

CVE-1999-0612 - March 01, 1997

A version of finger is running that exposes valid user information to any entity on the network.

A Windows NT system's user audit policy does not log an event success or failure, e.g

CVE-1999-0575 - January 01, 1997

A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.

A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g

CVE-1999-0582 - January 01, 1997

A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.

CVE-1999-0576 - January 01, 1997

A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.

.reg files are associated with the Windows NT registry editor (regedit)

CVE-1999-0572 - January 01, 1997

.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.

A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g

CVE-1999-0535 - January 01, 1997

A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.

A Windows NT user has inappropriate rights or privileges, e.g

CVE-1999-0534 - January 01, 1997

A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.

A NETBIOS/SMB share password is the default

CVE-1999-0519 - January 01, 1997

A NETBIOS/SMB share password is the default, null, or missing.

IP forwarding is enabled on a machine

CVE-1999-0511 - January 01, 1997

IP forwarding is enabled on a machine which is not a router or firewall.

A Windows NT local user or administrator account has a default

CVE-1999-0504 - January 01, 1997

A Windows NT local user or administrator account has a default, null, blank, or missing password.

A Windows NT local user or administrator account has a guessable password.

CVE-1999-0503 - January 01, 1997

A Windows NT local user or administrator account has a guessable password.

NETBIOS share information may be published through SNMP registry keys in NT.

CVE-1999-0499 - January 01, 1997

NETBIOS share information may be published through SNMP registry keys in NT.

Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query

CVE-1999-0274 - January 01, 1997

Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.

Windows NT RSHSVC program

CVE-1999-0249 - January 01, 1997

Windows NT RSHSVC program allows remote users to execute arbitrary commands.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 2000 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe