Microsoft Windows 2000 Patch: Malformed Event Record Update (Windows)
This update resolves the "Malformed Event Record" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-013. Download now to prevent a malicious user from running unauthorized code on your computer. The Windows 2000 Event Viewer snap-in, which plugs into Event Viewer to provide added functionality, has an unchecked buffer (a temporary data storage area that has a limited capacity but no specification for the amount of information that can be written into it) in a section of the code that displays event records. If a malicious user inserts a malformed record into the event log, it can either cause the Event Viewer to fail, or allow the malicious user's code to run on the affected computer. Event Viewer tracks informational, warning, and error events. The event record logs that are recorded in Event Viewer include processes such as logon times and connection times. For more information about this issue, read Microsoft Security Bulletin MS01-013.