Windows 2000 default permissions problem

Microsoft has issued a moderate level advisory concerning the default permissions on a Windows 2000 workstation . These permissions could, under certain circumstances, enable a user to gain full access to the root folder and install a trojan program with the same name as an existing file. The trojan could then be executed when another user logs-on with the full permissions of that user. The fix involves a change in administrative procedure rather than a patch. Full details here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-064.asp