Fixes Required in TCSEC C2 Security Evaluation Configuration for Windows NT 4.0 Service Pack 6a

ID: Q244599

The information in this article applies to:
  • Microsoft Windows NT Server version 4.0
  • Microsoft Windows NT Server, Enterprise Edition version 4.0
  • Microsoft Windows NT Workstation version 4.0

SUMMARY

The "Administrator's and User's Security Guide for Windows NT 4.0" is the official document that specifies the exact procedures to configure Windows NT 4.0 as a Trusted Computer System Evaluation Criteria (TCSEC) C2 compliant system. This guide is available from the following Microsoft Web site:

Administrator's and User's Security Guide for Windows NT 4.0
These procedures include the installation of Windows NT 4.0 Service Pack 6a and a Post-SP6a hotfix called the "C2 Update."


MORE INFORMATION

The C2 Update corrects the following problems in Windows NT 4.0:

  • NetBT disallows unprivileged user mode programs from sharing TCP and UDP ports that are opened by NetBT. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
    Q241041 Enabling NetBT to Open TCP and UDP Ports Exclusively


  • Device drivers create their corresponding DeviceObject with FILE_DEVICE_SECURE_OPEN DeviceCharacteristics. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
    Q243405 Device Drivers Create Their Corresponding DeviceObject with FILE_DEVICE_SECURE_OPEN DeviceCharacteristics


  • Jet500 creates events and semaphores objects with non-NULL ACLs. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
    Q243404 ACLs Associated with Events and Semaphores Created by JET500.DLL


The following files are available for download from the Microsoft Download Center or Microsoft's FTP site. Click the file names below to download the appropriate file:

English

x86:
Microsoft Download Center: Q244599i.exe

FTP: Q244599i.exe
Alpha:
Microsoft Download Center: Q244599a.exe

FTP: Q244599a.exe

French

x86:
FTP: Q244599i.exe
Alpha:
FTP: Q244599a.exe

Spanish

x86:
FTP: Q244599i.exe
Alpha:
FTP: Q244599a.exe
For more information about how to download files from the Microsoft Download Center, please visit the Download Center at the following Web address
http://www.microsoft.com/downloads/search.asp
and then click How to use the Microsoft Download Center.

NOTE: The C2 Update also includes the binary files required in the Spooler-fix described in the following article in the Microsoft Knowledge Base:
Q243649 Unchecked Print Spooler Buffer May Expose System Vulnerability

Additional query words: c2 security_patch

Keywords : kbbug4.00 kbfix4.00
Version : winnt:4.0
Platform : winnt
Issue type : kbinfo


Last Reviewed: December 23, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.