
CVE-1999-0593: The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with

Severity: Medium
Type: Vulnerability
Published: Fri Jan 01 1999 (01/01/1999, 05:00:00 UTC)
Source: NVD
Vendor/Project: microsoft
Product: windows_nt

Description

The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.

AI-Powered Analysis

Last updated: 07/01/2025, 20:55:43 UTC

Technical Analysis

CVE-1999-0593 is a vulnerability in Microsoft Windows NT caused by the default configuration of the Winlogon registry key entry ShutdownWithoutLogon. When this setting is enabled, as it is by default, the system permits shutdown from the login screen, so anyone with physical access to the machine can shut it down without authenticating or logging in. This does not allow unauthorized access to data or system control beyond shutdown, but it does impact system availability. The vulnerability has a CVSS score of 4.9 (medium severity), reflecting that it requires physical access (local vector), has low attack complexity, needs no authentication, and impacts availability only, with no confidentiality or integrity impact. There are no patches available for this issue, and no known exploits have been reported in the wild. The affected product is Windows NT, an older Microsoft operating system no longer widely used or supported. The vulnerability is primarily a physical security concern rather than a remote or network-based threat.

Potential Impact

For European organizations, the impact of this vulnerability is limited but still relevant in environments where legacy Windows NT systems remain in use, particularly in industrial, governmental, or specialized legacy infrastructure contexts. The main risk is the potential for denial of service through unauthorized shutdowns, which could disrupt critical operations, cause data loss if unsaved work is present, or interrupt services dependent on the affected machines. Since the vulnerability requires physical access, it is less likely to be exploited remotely, but insider threats or unauthorized physical access to sensitive areas could leverage this to cause operational disruptions. The lack of confidentiality or integrity impact means sensitive data exposure or system compromise is not a direct concern from this vulnerability alone. However, availability interruptions can have cascading effects in environments with strict uptime requirements or where legacy systems interface with modern infrastructure.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should first assess whether Windows NT systems are still in active use and isolate them from critical infrastructure if possible. Physical security controls must be strengthened to prevent unauthorized access to machines, including locked server rooms, restricted access policies, and surveillance. Administrators can consider modifying the ShutdownWithoutLogon registry key to disable shutdown without logon, although this may require manual configuration on legacy systems. Where feasible, migrating from Windows NT to supported and updated operating systems is strongly recommended to eliminate this and other legacy vulnerabilities. Additionally, organizations should implement monitoring to detect unexpected shutdowns and establish incident response procedures to quickly address availability disruptions. Backup power solutions and uninterruptible power supplies (UPS) can also help mitigate the impact of sudden shutdowns.
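One way to carry out the registry check above across several legacy hosts is to audit REGEDIT4 exports offline. This is an added example, not part of the original advisory; it assumes the value sits under the Winlogon key path shown in the code and is stored as the string "0" or "1", and the host names and export contents are constructed.

```python
import re

# Assumption (not given on the page): the value lives under this key and is
# normally a REG_SZ string "0" or "1"; a dword form is tolerated as well.
WINLOGON_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
VALUE_NAME = "ShutdownWithoutLogon"
_ENTRY = re.compile(r'^"([^"]+)"\s*=\s*(.+)$')

def audit_export(reg_text):
    """Classify one REGEDIT4 export: enabled, disabled, missing or unexpected:<data>."""
    in_winlogon = False
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            # Key names are case-insensitive; only read values under Winlogon.
            in_winlogon = line[1:-1].lower() == WINLOGON_KEY.lower()
            continue
        m = _ENTRY.match(line)
        if not (in_winlogon and m and m.group(1).lower() == VALUE_NAME.lower()):
            continue
        data = m.group(2).strip()
        as_str = re.fullmatch(r'"\s*([01])\s*"', data)
        as_dword = re.fullmatch(r"dword:0{7}([01])", data, re.IGNORECASE)
        hit = as_str or as_dword
        if not hit:
            return "unexpected:" + data
        return "enabled" if hit.group(1) == "1" else "disabled"
    return "missing"

def audit_fleet(exports):
    """Return ({host: status}, sorted hosts where the setting is not confirmed off)."""
    results = {host: audit_export(text) for host, text in exports.items()}
    return results, sorted(h for h, s in results.items() if s != "disabled")

# Constructed sample exports; host names and contents are made up for the example.
_HDR = "REGEDIT4\n\n[" + WINLOGON_KEY + "]\n"
SAMPLE_EXPORTS = {
    "nt-hmi-01": _HDR + '"Shell"="explorer.exe"\n"ShutdownWithoutLogon"="1"\n',
    "nt-srv-02": _HDR + '"ShutdownWithoutLogon"="0"\n',
    "nt-lab-03": _HDR + '"Shell"="explorer.exe"\n',  # value absent: default applies
    "nt-lab-04": '[HKEY_LOCAL_MACHINE\\SOFTWARE\\Other]\n"ShutdownWithoutLogon"="0"\n'
                 + _HDR.lower() + '"shutdownwithoutlogon"=dword:00000001\n',
}

if __name__ == "__main__":
    statuses, follow_up = audit_fleet(SAMPLE_EXPORTS)
    for host in sorted(statuses):
        print(host, statuses[host])
    print("review:", ", ".join(follow_up))
```

Hosts reported as missing are listed for review along with enabled ones, because an absent value leaves the host on its default behaviour.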


Threat ID: 682ca32bb6fd31d6ed7dec90

Added to database: 5/20/2025, 3:43:39 PM

Last enriched: 7/1/2025, 8:55:43 PM

Last updated: 8/18/2025, 11:32:54 PM
