Serious Windows XP Security Flaw...

OT: anything goes!

Moderator: Edi

Post Reply
User avatar
Exonerate
Sith Marauder
Posts: 4454
Joined: 2002-10-29 07:19pm
Location: DC Metro Area

Serious Windows XP Security Flaw...

Post by Exonerate »

http://www.briansbuzz.com/w/030213/
XP passwords rendered useless

By Brian Livingston

Windows XP, which has been marketed by Microsoft as "the most secure version ever," has been found to have a flaw so bone-headed that it renders passwords ineffective as a means of keeping people out of your PC.

Reader Tony DeMartino alerted me to the problem, which all administrators of Windows XP machines should immediately take to heart:
Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console, a troubleshooting program.

Windows XP then allows the visitor to operate as Administrator without a password, even if the Administrator account has a strong password.

The visitor can also operate in any of the other user accounts that may be present on the XP machine, even if those accounts have passwords.

Unbelievably, the visitor can copy files from the hard disk to a floppy disk or other removable media - something even an Administrator is normally prevented from doing when using the Recovery Console.
This problem is unrelated to a feature of XP that allows an Administrator to set up automatic logon when the Recovery Console is used. Even without the Registry entry that enables this, XP is vulnerable. (For info on that feature, see support.microsoft.com/?scid=kb;en-us;312149.)

Windows 2000, of course, doesn't allow Recovery Console users to access a hard drive without a password, if one previously existed.

I notified four Microsoft executives of the XP flaw weeks ago, but haven't yet received an official response. There's no Knowledge Base article about it, and there may not even be a good solution to the problem.

When I've spoken with Microsoft security pros about similar problems in the past, they've referred me to a company policy that says, "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore."

That's all well and good - but the fact remains that Windows 2000 doesn't allow anyone with an old CD to get password-free access, and Windows XP does.

My recommendation: If you use XP machines in open spaces, put the PCs behind a locked door or put a lock on the PCs themselves. The bad guys know about this flaw, and it's just one more thing for the good guys to protect against.

To send me more information about this, or to send me a tip on any other subject, e-mail me at Brian@BriansBuzz.com with "tip" in the subject.
Granted, they need local access, but its still a big thing...

BoTM, MM, HAB, JL
Top
User avatar
GrandMasterTerwynn
Emperor's Hand
Posts: 6787
Joined: 2002-07-29 06:14pm
Location: Somewhere on Earth.

Post by GrandMasterTerwynn »

Hehehehe, so you mean that I, as a user of Windows 2000 with a Windows 2000 CD can screw over a Windows XP machine?

That's too rich! :lol: :shock: :lol: :shock: :lol:

Not that I'd try such a thing, mind you. At least not without a clear path to the exit.
Top
User avatar
Shinova
Emperor's Hand
Posts: 10193
Joined: 2002-10-03 08:53pm
Location: LOLOLOLOLOLOLOLOLOL

Post by Shinova »

At least its a local problem, not an across-the-internet thing.
What's her bust size!?

It's over NINE THOUSAAAAAAAAAAND!!!!!!!!!
Top
User avatar
Lord MJ
Jedi Council Member
Posts: 1562
Joined: 2002-07-07 07:40pm
Contact:
Contact Lord MJ

Post by Lord MJ »

Thats an inherent flaw in ALL operating systems.



Only an encrypted file system can protect against such an attack, an even then there is still risk.


Pretty much once someone has physical access to a machine, he can do anything.
Top
Post Reply

Return to “Off-Topic”