1。
Microsoft Security Bulletin MS02-064
Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)
解決:參考 Windows XP 作爲缺省權限. The default permissions for the root directory on the system drive for Windows XP are:
• Administrators: Full Control
• Creator Owner: Full Control (Subfolders and Files)
• System: Full Control
• Users: Read & Execute (This folder, subfolders, and files)
• Users: Create Folders / Append Data (This folder and Subfolders)
• Users: Create Files / Write Data (Subfolders only)
• Everyone: Read & Execute
或用自定義安全模板:
在安全模板文件 [File Security] 部分加入跟Windows XP一樣的語句 (不能打斷,只能一行加入).
"%SystemDrive%/",0,"D:AR(A;OICI;GA;;;BA)(A;OICI;GA;;;SY)(A;OICIIO;GA;;;CO)
(A;CIOI;GRGX;;;BU)(A;CI;0x00000004;;;BU)(A;CIIO;0x00000002;;;BU)(A;;GRGX;;;WD)"
2。
Microsoft Security Bulletin MS03-008
Flaw in Windows Script Engine Could Allow Code Execution (814078)
Impact of vulnerability:Run Code of Attacker's Choice
解決:安裝補丁 - 用於 Windows 2000 和 XP 的 JScript 5.6 安全修補程序 - Q814078
3。
IE zone
Script ActiveX controls marked safe for scripting Enable -> Disable
Submit nonencrypted form data(提交非加密表單) Enable -> Prompt
4。
MS03-030 Unchecked Buffer in DirectX Could Enable System Compromise (819696)
解決:安裝
Windows 2000 安全修補程序:DirectX 中未經檢查的緩衝區可導致系統安全漏洞