Microsoft plugs NT hole

The giant says the patch for Windows NT 4.0 for servers and workstations is only necessary in certain instances.

Microsoft has plugged another security hole found in its Windows NT Workstation and Server operating system.

The latest so-called denial-of-service attack, dubbed a "snork" exploit, can encroach on system performance by hogging processing power and, potentially, network bandwidth. A single packet can make it appear that bad data has been sent from one system to another, causing a constant communication that can last from 30 seconds to two minutes.

But if a malicious party chose to send several packets to various systems, it could cause serious computer and network problems, dominating processing cycles and connection bandwidth.

It was discovered by Internet Security Systems, a provider of security software and services, who notified Microsoft privately sometime in the past two weeks. Microsoft's Windows NT Workstation and Server version 4.0 and Terminal Server Edition 4.0 are the operating systems affected by the attack.

The attack is similar to previous "smurf" and "fraggle" exploits, according to ISS.

Microsoft said the patch is only necessary in certain instances and there have been no reports related to the attack by customers.

"It requires an ongoing attack by a malicious person," said Jason Garms, a product manager for Windows NT security. "In order for you to really be affected by this, someone has to be malicious and send a number of packets.

"Customers need to evaluate their situation," he said.

The patch is available for download on Microsoft's Web site. The patch will be included in NT's forthcoming service pack 4 release, due in late October.