CVE-2002-0725

Name of the Vulnerable Software and Affected Versions Windows NT versions prior to 4.0 SP3 Windows 2000 versions prior to SP3

Description The issue allows local attackers to hide file usage activities by creating a hard link to the target file. This causes the link to be recorded in the audit trail instead of the target file, potentially masking malicious activities.

Recommendations For Windows NT 4.0, apply Service Pack 3 or later to resolve the issue. For Windows 2000, apply Service Pack 3 or later to resolve the issue. As a temporary workaround, consider monitoring file system activities closely to detect potential misuse of hard links until a patch is applied.