Security update 896428 adds a new registry key that lets the Telnet client disclose additional environment variables in Windows Server 2003 and in Windows XP

View products that this article applies to.

Introduction

Microsoft security update 896428 (MS05-033) limits the environment variables that the Telnet client can disclose in Microsoft Windows Server 2003 and in Microsoft Windows XP. However, the security update also adds a new registry key that lets you specify additional environment variables that the Telnet client can disclose.

↑ Back to the top

More information

Security update 896428 adds the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetClient\AllowedEnvVariables

By default, the Telnet client lets the server request only the following environment variables:

USER
DISPLAY
SYSTEMTYPE
ACCT
JOB
PRINTER
SFUTLNTMODE
SFUTLNTVER

You can use the AllowedEnvVariables registry key to specify additional environment variables that can be disclosed by the Telnet client. The new key is created as a MULTI_SZ registry value.

↑ Back to the top

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: KB900934, kbinfo, kbtshoot, kbsecurity

↑ Back to the top

Article Info

Article ID	:	900934
Revision	:	3
Created on	:	7/8/2010
Published on	:	7/8/2010
Exists online	:	False
Views	:	401

Microsoft KB Archive Search

Security update 896428 adds a new registry key that lets the Telnet client disclose additional environment variables in Windows Server 2003 and in Windows XP

Introduction

More information

Applies to: