CVE-2000-0663

Name of the Vulnerable Software and Affected Versions Windows NT and Windows 2000

Description The issue arises from the registry entry for the Windows Shell executable (Explorer.exe) using a relative path name. This allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory.

Recommendations For Windows NT and Windows 2000, consider using an absolute path name for the Windows Shell executable registry entry to prevent exploitation. As a temporary workaround, restrict access to the %Systemdrive% directory to minimize the risk of a Trojan Horse being inserted. Avoid executing commands from untrusted sources until the issue is resolved.