Reported February 7, 2001, by BindView RAZOR Team.
A local promotion vulnerability has been discovered in NT 4.0, all versions including Service Pack 6a (SP6a). A flaw in the way the NT LAN Manager (NTLM) Security Support Provider handles client requests can let a malicious user run a program as a privileged user.
Microsoft has released a security bulletin, MS01-008.
The original RAZOR advisory is available at: