Date: Сб, 30 окт 1999 04:12:59
От: Microsoft Product Security Response Team <secure@MICROSOFT.COM>
Кому: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Тема: FW: Case Sensitivity Vulnerability and SP5
--------------------------------------------------------------------------------
Hi All -
We've received several reports about this issue, some reporting that the fix
for the Case Sensitivity vulnerability isn't present in SP5 and others
reporting that's missing in SP6. We've verified that the fix is present in
both service packs. However, the fix is not activated unless base system
objects are strongly protected. To enable base system object protection,
you'll need to set
hkey_local_machine\system\CurrentControlSet\Control\Session
Manager\ProtectionMode is set to 1, as discussed in
http://support.microsoft.com/support/kb/articles/Q218/4/73.ASP
The confusion probably results because base system object protection is
disabled by default. This is done because many applications have problems
running under the restrictions that it imposes. We'll update our
documentation to make the situation more clear. Sorry for any
inconvenience. Regards,
Secure@microsoft.com
-----Original Message-----
From: Davis, Thomas R. [mailto:tdavis@INDIANA.EDU]
Sent: Friday, October 29, 1999 12:03 PM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Case Sensitivity Vulnerability and SP5
Greetings
Based on the following Microsoft KB article:
