This attack could pose a moderate security threat. It does not require immediate action.
This signature detects attempts to exploit a vulnerability in the winlogon.exe service causing a denial of service
In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 could crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting the machine would be required in order to regain normal functionality.
Only authenticated users on the network would be able to exploit this vulnerability. If Windows NT was configured to deny all remote registry requests, it would not be affected by this vulnerability under any conditions.