Thanks xStainDx for posting this in our forum. On April 26, 2002, Microsoft released an updated version of the bulletin annoucing the availability of a patch for Windows 98 and Windows 98SE and to advise customers that the work-around procedure is no longer needed for that platform.
Simple Network Management Protocol (SNMP) is an Internet standard protocol for managing disparate network devices such as firewalls, computers, and routers. All versions of Windows except Windows ME provide an SNMP implementation, which is neither installed nor running by default in any version.
A buffer overrun is present in all implementations. By sending a specially malformed management request to a system running an affected version of the SNMP service, an attacker could cause a denial of service. In addition, it is possible that he cause code
to run on the system in LocalSystem context. This could potentially give the attacker the ability to take any desired action on the system.
A patch is under development to eliminate the vulnerability. In the meantime, Microsoft recommends that customers who use the SNMP service disable it temporarily. Patches will be available shortly, at which time we will re-release this bulletin with updated details.