Microsoft Windows NT Workstation Home   All Products  |   Support  |   Search  |   microsoft.com Home  
Microsoft
  Windows Home  |   E-newsletter  |
 
Search Microsoft.com for
Advanced Search
Windows NT Workstation Home
Product Information
Technical Resources
Downloads
Support
Related Sites
Partners
Home Product Information

Maintain Security with Windows NT Workstation 4.0


Get Secure

The most important thing you can do to maintain a secure system is to stay current with security patches. The following are the current updates for Windows NT Workstation.

Note: If you have already installed any of these patches, you do not need to reinstall them. However, if you add a component to your Windows NT Workstation environment, you should always reinstall Windows NT Service Packs and Security Rollup Packages to ensure that your systems are fully protected.

Windows NT Workstation 4.0
Windows NT 4.0 Service Pack 6a (SP6a) Windows NT 4.0 SP6a, released in October 1999, resolves issues and contains Year 2000 updates for Windows NT 4.0. Microsoft recommends that each customer consult the Windows NT 4.0 SP6a documentation and then determine whether to deploy this service pack.
Post-SP6a Security Rollup Package (SRP) This security package, released in July 2001, provides all security updates released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a. You can only install the Security Rollup Package if you are running Windows NT 4.0 Service Pack 6a.
Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206) To prevent an unauthorized program from gaining access to the debugger, system administrators should apply this patch to all systems that allow unprivileged users to log onto them interactively.
Internet Information Services (IIS)
Internet Information Services (IIS) Cumulative Patch (Q319733)

 If you're running Internet Information Server (IIS) 4.0, be sure to download this patch. This update, released in April 2002, addresses several newly discovered security vulnerabilities affecting IIS, and incorporates most previous updates for IIS. This update is discussed in Microsoft Security Bulletin MS02-018.
Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise (Q321599)

 This security patch eliminates an HTR chunked encoding vulnerability affecting Internet Information Services, which could enable an attacker to run code on the system.
Internet Explorer (IE)
Internet Explorer (IE) Cumulative Patch (Q321232)

 This security patch addresses newly discovered security vulnerabilities affecting Internet Explorer. This patch also incorporates all previous IE patches.
Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206) To prevent an unauthorized program from gaining access to the debugger, system administrators should apply this patch to all systems that allow unprivileged users to log onto them interactively.

Stay Secure

After installing the latest service packs and security rollups, you can use the Microsoft Baseline Security Analyzer to check your desktop and server systems for common misconfigurations that affect security, and for the absence of additional patches that eliminate security vulnerabilities. After downloading the tool, please view the readme.txt file before running the tool on your systems. The tool checks for needed security patches by referring to an XML database that's constantly updated by Microsoft.

You can also subscribe to the Microsoft Security Notification Service and receive alerts when security vulnerabilities arise. The goal of this service is to provide accurate information to customers that they can use to inform and protect themselves from malicious attacks. The security team investigates issues reported directly to Microsoft, as well as issues discussed in certain popular security newsgroups. When Microsoft publish bulletins, they contain information on what the issue is, what products it affects-if any, how to protect yourself against the problem, what we plan to do to fix it, and links to other sources of information about the issue.

Another way to stay secure is to visit the Windows Update Corporate site and check its catalog for updates that can be distributed over a home or corporate network, with Windows Update content and Microsoft Windows Hardware Quality Lab (WHQL) device drivers.

Learn What's New in Security for Windows XP.

If you're using Windows NT, you may want to consider upgrading your operating system to Windows XP Professional, which includes features that significantly improve security. You'll find links at the bottom of this page to information describing these security features, as well as guides for using them to customize operating system security to fit your specific needs.

Windows XP provides the most dependable version of Windows ever—with the best security and privacy features. Overall, security has been improved in Windows XP to help you have a safe, secure, and private computing experience.

Windows XP Security Services

Visit the Windows XP Professional security page to learn about the security services built into Windows XP and how it can enhance the security of your network

Additional Security Resources

Last Updated: Tuesday, July 16, 2002
© 2005 Microsoft Corporation. All rights reserved. Terms of use.