This update resolves a privilege elevation vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-047. Download now to prevent a malicious user from gaining unauthorized privileges on your domain.

This vulnerability exists because there is an error in the way that a Windows 2000 domain accepts authorization data from a trusted domain. This causes the affected domain to accept any Security Identifier (SID) that is specified within the authorization data of the trusted domain, even if the SID is not from the trusted domain. The vulnerability could allow a malicious user to gain unauthorized privileges on the domain.

For more information about this vulnerability, read Microsoft Security Bulletin MS01-047. (This site is in English.)

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Click Windows 2000 Hotfix (Pre-SP3)[See Q305330 for more information], and then click Change/Remove.