This update resolves the "Web Client NTLM Authentication" security vulnerability in Windows 2000 and Office 2000, and is discussed in Microsoft Security Bulletin MS01-001. Download now to help prevent a malicious person from capturing your logon credentials.
Under specific conditions, this vulnerability allows a malicious Web site operator to obtain the cryptographically protected logon credentials of a visiting user because the security settings for the Web Extender Client (WEC) are set to incorrect levels. The vulnerability exists because WEC, which allows Internet Explorer to view and publish files via Web Folders, does not adhere to the recommended security settings in Internet Explorer, and will perform NTLM authentication for any server that requests it. If a malicious Web site operator formats a document to automatically request NTLM authentication from a visiting user, it can cause the user's computer to send his or her authentication credentials. Once the credentials are revealed, the operator may be able to use specialized tools to derive the user's password.
For more information about this vulnerability, please read Microsoft Security Bulletin MS01-001. (This site is in English.)
Note: This update will be included in Windows 2000 Service Pack 2.
This vulnerability does not affect computers running versions of Internet Explorer earlier than 5.0, and it applies only if you are using Web Folder functionality.
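To check whether the credential exposure described above has occurred, a defender can review web-proxy logs for NTLM Authenticate (Type 3) messages, which carry the protected credentials, sent to hosts outside the intranet. The following Python is an added example, not part of the Microsoft bulletin or update; the log records, the `.corp.example` suffix and the rule that dotless host names count as intranet are constructed assumptions.

```python
import base64
import struct

# Assumption: site-specific DNS suffixes that count as intranet hosts.
INTRANET_SUFFIXES = (".corp.example",)


def ntlm_message_type(header_value):
    """Return the NTLMSSP message type (1, 2 or 3), or None if not NTLM."""
    scheme, _, blob = header_value.partition(" ")
    if scheme.upper() != "NTLM" or not blob:
        return None
    try:
        raw = base64.b64decode(blob, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    # Every NTLMSSP message starts with an 8-byte signature followed by
    # a little-endian 32-bit message type.
    if len(raw) < 12 or raw[:8] != b"NTLMSSP\x00":
        return None
    return struct.unpack_from("<I", raw, 8)[0]


def is_intranet(host):
    # Assumption: dotless names and allow-listed suffixes are intranet.
    host = host.lower().rstrip(".")
    return "." not in host or host.endswith(INTRANET_SUFFIXES)


def find_external_ntlm(records):
    """Hosts outside the intranet that received a Type 3 (Authenticate) message."""
    return [host for host, auth in records
            if ntlm_message_type(auth) == 3 and not is_intranet(host)]


def _msg(msg_type):
    # Constructed sample header: signature, type and zero padding only.
    body = b"NTLMSSP\x00" + struct.pack("<I", msg_type) + b"\x00" * 20
    return "NTLM " + base64.b64encode(body).decode()


# Constructed (host, Authorization header) pairs, not a real capture.
SAMPLE = [
    ("fileserver", _msg(3)),
    ("docs.corp.example", _msg(3)),
    ("www.untrusted.example", _msg(1)),
    ("www.untrusted.example", _msg(3)),
    ("www.untrusted.example", "Basic dXNlcjpwdw=="),
]

if __name__ == "__main__":
    print(find_external_ntlm(SAMPLE))
```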