CVE-2002-0443

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000

Description The issue allows local users to bypass the policy that prohibits reusing old passwords. This is achieved by changing the current password before it expires, which does not enable the check for previous passwords.

Recommendations For Microsoft Windows 2000, consider implementing a workaround to enforce password history checks, such as manually tracking password changes or using a third-party tool is not recommended, instead, as a temporary workaround, consider restricting password changes to only when necessary until a proper fix can be applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.