Help and Support

Windows 95 Update Prevents Sending Clear-Text Password Over Net

View products that this article applies to.
Article ID:165403
Last Review:January 19, 2007
Revision:2.3
This article was previously published under Q165403

SYMPTOMS

Using a program specifically designed for such a purpose, it may be possible to force a Windows 95-based computer running the Microsoft Client for Microsoft Networks to send a user's logon name and password across the network in a clear-text format, instead of the normal encrypted format. It may then be possible to intercept and read that password using such a program.

Back to the top

CAUSE

When a Windows 95-based computer running the Microsoft Client for Microsoft Networks (which uses the SMB file-sharing protocol) connects to an SMB server, a negotiation takes place to determine which dialect of the SMB protocol will be used for communication. Microsoft Networking clients and servers generally support the ability to use older SMB dialects to support interoperability with older products. Some of these older dialects do not support sending passwords over the network in an encrypted form. When such a dialect is negotiated, passwords are sent over the network in clear-text form.

Back to the top

RESOLUTION

This issue is resolved by the following updated files for Windows 95: 
   Vredir.vxd version 4.00.1114 (dated 6/2/97) and later
   Vnetsup.vxd version 4.00.1112 (dated 6/2/97) and later
To install this update, follow these steps:

1.Download the Vrdrupd.exe file to an empty folder.
2.In My Computer or Windows Explorer, double-click the Vrdrupd.exe file you downloaded in step 1.
3.Follow the instructions on the screen.
The following file is available for download from the Microsoft Download Center:
DownloadDownload Vrdrupd.exe now (ftp://ftp.microsoft.com/softlib/mslfiles/vrdrupd.exe)
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 (http://support.microsoft.com/kb/119591/EN-US/) How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

The following files are installed by Vrdrupd.exe: 
   File name     Version    Date/Time        Size     Destination folder
   ---------------------------------------------------------------------
   Vredir.vxd    4.00.1114  6/2/97 11:14a    156,773  Windows\System
   Vnetsup.vxd   4.00.1112  6/2/97 11:12a     17,595  Windows\System

Back to the top

MORE INFORMATION

With this update installed, connecting to older SMB servers using the Client for Microsoft Networks is no longer possible, because these older servers do not support encryption of passwords sent over the network.

The following SMB servers are known not to support password encryption over the network:

LAN Manager for UNIX (including Hewlett-Packard LM/X)
Samba (unless configured for Challenge/Response password encryption)


For additional information about security in Microsoft products, see the following Microsoft Web site:
http://www.microsoft.com/security/ (http://www.microsoft.com/security/)
For additional information about this issue as it applies to Microsoft Windows NT 4.0, see the following article in the Microsoft Knowledge Base:
166730 (http://support.microsoft.com/kb/166730/EN-US/) With Unencrypted Password SP3 Fails to Connect to SMB Server

For additional information about issues resolved by updates to these components, see the following articles in the Microsoft Knowledge Base:
165402 (http://support.microsoft.com/kb/165402/EN-US/) Windows 95 Update to Encrypt Passwords in Memory

161100 (http://support.microsoft.com/kb/161100/EN-US/) File May Be Truncated When Copied to a Full Network Drive

157114 (http://support.microsoft.com/kb/157114/EN-US/) "Access Denied" Attempting to Run File on LM/X Server

152186 (http://support.microsoft.com/kb/152186/EN-US/) Possible Network Data Corruption If Locking Not Used

148367 (http://support.microsoft.com/kb/148367/EN-US/) Possible Network File Corruption with Redirector Caching

142803 (http://support.microsoft.com/kb/142803/EN-US/) Updated Vredir.vxd Corrects Problems Accessing Database Files

140558 (http://support.microsoft.com/kb/140558/EN-US/) Deleting Files on Samba Servers May Delete Local Files Instead

138249 (http://support.microsoft.com/kb/138249/EN-US/) Updated Vredir.vxd Corrects Errors Running Files on LMX

160807 (http://support.microsoft.com/kb/160807/EN-US/) Cannot Connect to Windows NT Server with Many Shares

150215 (http://support.microsoft.com/kb/150215/EN-US/) Disabling Automatic Network Shortcut Resolution

138014 (http://support.microsoft.com/kb/138014/EN-US/) File May Be Truncated to Zero Bytes When Copied Onto Itself

136834 (http://support.microsoft.com/kb/136834/EN-US/) Error Copying Read-Only Files to Core SMB Server

Back to the top

APPLIES TO
Microsoft Windows 95
Microsoft Windows 98 Standard Edition

Back to the top

Keywords: 
kbfile kbgraphxlinkcritical kbnetwork KB165403

Back to the top

Article Translations

 

Related Support Centers

Other Support Options

  • Need More Help?
    Contact a Support professional by Email, Online or Phone.
  • Customer Service
    For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
  • Newsgroups
    Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.