Article ID: 286132 - Last Review: October 27, 2006 - Revision: 5.1

Patch available for invalid RDP data vulnerability

View products that this article applies to.
This article was previously published under Q286132
Expand all | Collapse all

SYMPTOMS

Microsoft has released a patch that eliminates a security vulnerability on Windows 2000-based computers that are running Terminal Services. The vulnerability could allow a malicious user to cause an affected server to display an error message on a blue screen or stop responding (hang).

The implementation of the Remote Data Protocol (RDP) in Windows 2000 does not correctly handle a particular series of data packets. If such a series of packets are received by an affected server, the server may display an error message on a blue screen or hang. You can resolve the problem by rebooting the server, but any work in progress at the time of the attack is lost.

The malicious user does not need to start a session with an affected server to exploit this vulnerability; the malicious user needs only to send the correct series of packets to the RDP port on the server. The specific sequence of data packets involved in this vulnerability cannot be generated as part of a legitimate Terminal Services session.

Computers that are running Microsoft Windows NT Server 4.0, Terminal Services Edition are not affected by this vulnerability.
Back to the top

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910  (http://support.microsoft.com/kb/260910/ ) How to obtain the latest Windows 2000 service pack
The following files are available for download from the Microsoft Download Center:
Collapse this imageExpand this image
Download
English Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/en-us/q286132_w2k_sp2_x86_en.exe)

Collapse this imageExpand this image
Download
Chinese (Simplified) Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/cn/q286132_w2k_sp2_x86_cn.exe)

Collapse this imageExpand this image
Download
Chinese (Traditional) Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/tw/q286132_w2k_sp2_x86_tw.exe)

Collapse this imageExpand this image
Download
Czech Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/cs/q286132_w2k_sp2_x86_cs.exe)

Collapse this imageExpand this image
Download
Dutch Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/nl/q286132_w2k_sp2_x86_nl.exe)

Collapse this imageExpand this image
Download
French Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/fr/q286132_w2k_sp2_x86_fr.exe)

Collapse this imageExpand this image
Download
German Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/de/q286132_w2k_sp2_x86_de.exe)

Collapse this imageExpand this image
Download
Hungarian Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/hu/q286132_w2k_sp2_x86_hu.exe)

Collapse this imageExpand this image
Download
Italian Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/it/q286132_w2k_sp2_x86_it.exe)

Collapse this imageExpand this image
Download
Japanese Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/ja/q286132_w2k_sp2_x86_ja.exe)

Collapse this imageExpand this image
Download
Korean Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/ko/q286132_w2k_sp2_x86_ko.exe)

Collapse this imageExpand this image
Download
Polish Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/pl/q286132_w2k_sp2_x86_pl.exe)

Collapse this imageExpand this image
Download
Portuguese (Brazilian) Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/pt-br/q286132_w2k_sp2_x86_br.exe)

Collapse this imageExpand this image
Download
Portuguese Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/pt/q286132_w2k_sp2_x86_pt.exe)

Collapse this imageExpand this image
Download
Russian Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/ru/q286132_w2k_sp2_x86_ru.exe)

Collapse this imageExpand this image
Download
Spanish Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/es/q286132_w2k_sp2_x86_es.exe)

Collapse this imageExpand this image
Download
Swedish Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/sv/q286132_w2k_sp2_x86_sv.exe)

Collapse this imageExpand this image
Download
Turkish Language Version (http://download.microsoft.com/download/win2000platform/patch/q286132/nt5/tr/q286132_w2k_sp2_x86_tr.exe)

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591  (http://support.microsoft.com/kb/119591/EN-US/ ) How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The English-language version of this fix should have the following file attributes or later: 
   Date        Time    Version        Size     File name     Encryption
   -----------------------------------------------------------------------
   01/25/2001  11:57a  5.0.2195.2847  106,256  Instrdp5.dll  not available
   01/25/2001  11:57a  5.0.2195.2847   88,056  Rdpwd.sys     40-bit
   01/25/2001  11:57a  5.0.2195.2847   88,024  Rdpwd.sys     56-bit

Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.
Back to the top

MORE INFORMATION

For more information, view the following Microsoft Security Bulletin Web site:
http://www.microsoft.com/technet/security/bulletin/MS01-006.mspx (http://www.microsoft.com/technet/security/bulletin/ms01-006.mspx)
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the following article number to view the article in the Microsoft Knowledge Base:
249149  (http://support.microsoft.com/kb/249149/ ) Installing Microsoft Windows 2000 and Windows 2000 hotfixes
Back to the top
APPLIES TO
  • Microsoft Windows 2000 Service Pack 1
  • Microsoft Windows 2000 Advanced Server
Back to the top
Keywords: 
kbbug kbenv kbfix kbgraphxlinkcritical kbwin2000presp2fix KB286132
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations