This update resolves the "NTLMSSP Privilege Elevation" security vulnerability present in Windows NT® 4.0, and is discussed in Microsoft Security Bulletin MS01-008. Download now to help prevent a malicious user from gaining administrative access to your computer.

This vulnerability exists because the NTLM Security Support Provider (NTLMSSP), which handles authentication requests associated with the NTLM Protocol, allows local user accounts to initiate a specially formed request to execute code by using LocalSystem security privileges. (These security privileges are equal to or greater than those of a local administrator account.) With these privileges, a malicious user with the ability to log on to a computer by using valid user credentials could exploit the vulnerability and send a request to the NTLMSSP that contains specially formatted commands to gain complete control over the computer.

For more information about this vulnerability, please read Microsoft Security Bulletin MS01-008. (This site is in English.)

This update applies to:

• Microsoft Windows NT 4.0 Workstation
• Microsoft Windows NT 4.0 Server
• Microsoft Windows NT 4.0 Server, Enterprise Edition

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Select Windows NT 4.0 Hotfix (Pre SP7)[See Q280119 for more information], and click Add/Remove to uninstall.