This update resolves the "Telnet Server Flooding" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS00-050. Download now to help prevent a malicious user from sending invalid input information to your Telnet Server. Although the Telnet service is provided as part of Windows 2000, the service is not enabled by default, and users who have not enabled it are not at risk.

The denial of service occurs when a malicious client sends a particular malformed string to the server. The effect of the vulnerability is limited to Telnet itself – there is no capability to cause other services to fail, or to cause Windows 2000 to fail.

After an attack, Telnet services can be restored by restarting the Telnet Server.

For more information about this vulnerability, read Microsoft Security Bulletin MS00-050. (This site is in English.)

• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Advanced Server

1. Click Start, point to Settings and click Control Panel.
2. Double-click Add/Remove Programs.
3. Select Windows 2000 Hotfix (Pre-Sp2) [See Q267843 for more information] and click Change/Remove to uninstall.