Some System Named Pipes Are Not Created with Appropriate Permissions

View products that this article applies to.

This article was previously published under Q279843

SYMPTOMS

Some system named pipes could behave in an unexpected manner and their functionality could be disrupted or broken. For example, errors could occur when you try to restart your computer or run net use commands. You may have to restart the computer (a "hard" boot, or hardware reset) to recover from such errors.

Back to the top

CAUSE

Some of the system named pipes are not created with proper protection. They are created with full permissions for everyone. This could allow a malicious user to open such a system named pipe and take control of it to cause undesirable behavior. For example, the malicious user could open such a named pipe with WRITE_DAC permissions and change the access control settings to deny everybody access to the named pipe. The malicious user could also inject bad data into the pipe or cause disruption of the service as mentioned in the "Symptoms" section of this article.

Back to the top

RESOLUTION

Windows NT 4.0

To resolve this problem, obtain the Windows NT 4.0 Security Rollup Package. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

299444 (http://support.microsoft.com/kb/299444/EN-US/ ) Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)

This resolution ensures that such named pipes in the system are created with the correct permissions.

Back to the top

Microsoft Windows NT Server version 4.0, Terminal Server Edition

To resolve this problem, obtain the Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For additional information about the SRP, click the article number below to view the article in the Microsoft Knowledge Base:

317636 (http://support.microsoft.com/kb/317636/EN-US/ ) Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package

Back to the top