Microsoft KB Archive/169228

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 10:04, 21 July 2020 by X010 (talk | contribs) (Text replacement - """ to """)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base

Article ID: 169228

Article Last Modified on 11/1/2006


  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Server 3.51

This article was previously published under Q169228


You apply the security fix (SEC-FIX) to a computer running Windows NT 3.51. Later, you run Performance Monitor from another computer running Windows NT to monitor the computer running Windows NT 3.51 with SEC-FIX installed.

When you then select either the Thread or Process object within Performance Monitor, Performance Monitor quits. You will usually observe that Performance Monitor simply "goes away" when you select the Thread or Process object. You do NOT normally see any "Application Error" or "Dr Watson" dialog boxes when this particular error occurs.

This problem occurs irrespective of whether the monitoring computer is running Windows NT 3.51 or 4.0, and irrespective of whether the monitoring computer has SEC-FIX installed.

After SEC-FIX has been installed on a computer running Windows NT 3.51, it can no longer be monitored fully over the network from another computer.


There is a problem with the Windows NT 3.51 version of this security fix, which causes incorrect Performance Monitor data to be transferred over the network when the computer is being monitored remotely. This causes the monitoring instance of Performance Monitor to try to access memory to which it has insufficient access.

The Windows NT 4.0 version of SEC-FIX does not have this problem.


This SEC-FIX hotfix is sometimes referred to as the "Red Button" fix.

For additional information on the issues addressed by this security fix, please see the following article in the Microsoft Knowledge Base:

143474 Restricting Information Available to Anonymous Logon Users


Obtain the following fix or wait for the next Windows NT service pack.

This fix should have the following timestamp:

   10/22/97  06:02p               181,504 Advapi32.dll (Intel)
   10/29/97  03:52p               169,504 Winlogon.exe (Intel)

   10/29/97  03:50p               273,168 advapi32.dll (Alpha)
   10/29/97  03:51p               236,304 winlogon.exe (Alpha)

NOTE: Service Pack 5 and SEC-FIX must be applied to Windows NT 3.51 prior to applying this fix.


Microsoft has confirmed this to be a problem in the Windows NT 3.51 version of the SEC-FIX security fix. A supported fix is now available, but has not been fully regression tested and should be applied only to systems experiencing this specific problem. Unless you are severely impacted by this specific problem, Microsoft recommends that you wait for the next Service Pack that contains this fix. Contact Microsoft Technical Support for more information.

Additional query words: RedButton

Keywords: kbhotfixserver kbqfe kbbug kbfix KB169228