Description
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.
References (3)
Core 3
Core References
Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/197195
Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3033
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6919
Scores
CVSS v3
7.8
EPSS
0.0121
EPSS Percentile
64.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-178
Status
published
Products (1)
microsoft/windows_2000
Published
Jul 16, 2001
Tracked Since
Feb 18, 2026