A US security company said that websites running on Windows NT 4.0 will be at risk.

The vulnerability in Windows NT 4.0 is located in a critical Windows protocol: Server Message Block (SMB). In fact, this vulnerability has already been patched (in February) on the Windows Server 2003 operating system, Windows XP operating system and Windows 2000 operating system. However, the validity period of Microsoft's maintenance support for Windows NT 4.0 is as early as 2004. It ended on December 31, so Microsoft did not provide additional patches for Windows NT 4.0.

If users of Windows NT 4.0 want to get this patch, they can only accept paid services from Microsoft. Microsoft's paid services for Windows NT 4.0 will continue until the end of 2006.

According to survey data provided by this company, approximately 1.1% of website server users are still using Windows NT 4.0, and the number of users is approximately 680,000. These websites, usually SSL-type websites, engage in e-commerce activities and can easily arouse the interest of malicious hackers.

Microsoft officially provides two solutions:

1: Reduce the insecurity pressure in this area through SMB signatures.

2: It is recommended that users of Windows NT 4.0 switch to Windows Server 2003.

SMB in Windows can help users share files, printers, serial ports and connections between computers, especially the connection between the server and the clieNT desktop. The vulnerability allows a hacker to take full control of a target system by sending a specially crafted SMB packet.