Export (0) Print
Expand All

Differences in Changing Transaction Timeouts in Windows 2000 and Later Platforms

With the version of Microsoft Distributed Transaction Coordinator (MSDTC) in Windows 2000 Server, a malicious process can change the timeout of any transaction by sending the message TXUSER_SETTXTIMEOUT_MTAG_SETTXTIMEOUT to the MSDTC, if it knows the transaction's GUID.

The MSDTC in versions of Windows subsequent to Windows 2000 Server prevents this by allowing only the process that begins a transaction to change its timeout.

The only situation in which the process that begins the transaction cannot change the transaction's timeout is when both of the following are true:

  1. The application process is in Windows 2000 Server.

  2. The Windows 2000 Server computer is configured to use MSDTC on a remote machine where a later version of Windows is installed.

This is because the version of MSDTC in Windows 2000 Server allows clients to change a transaction's timeout using the connection type CONNTYPE_SETTXTIMEOUT, while the versions of MSDTC in later versions of Windows use the CONNTYPE_TXUSER_BEGIN2 connection type. To resolve this issue, you must upgrade the client computer or the MSDTC computer so that both are running a version of Windows later than Windows 2000 Server.

Show:
© 2014 Microsoft