Article ID: 130487
Article Last Modified on 10/13/2003
APPLIES TO
- Microsoft Windows NT Workstation 3.5
- Microsoft Windows NT Server 3.5
This article was previously published under Q130487
SYMPTOMS
If a file has only read and execute permissions, event 560 (Audit Failure) may be written to the security log when the file is opened for read access. For this symptom to occur, auditing for file write failure must be enabled.
STATUS
Microsoft has confirmed this to be a problem in Windows NT version 3.5. A fix to this problem is in development, but has not been regression-tested and may be destabilizing in production environments. Microsoft does not recommend implementing this fix at this time. Contact Microsoft Product Support Services for more information on the availability of this fix.
Keywords: KB130487