« Everyone run for the hills….global warming is….wait..nevermind…get the wolly mammothy coat!
5 hour countdown… »

Sometimes simple things are able to break complex security

paul.e.dearment.jr| May 26, 2008 8:45 am
I got nothing for this..except…why didn’t I think of this first?
clipped from slashdot.org



Security



An anonymous reader writes “This video shows a method by which a user can use a Linux distro called BackTrack to gain system access to Windows Vista without logging into Windows or knowing the username or password for any accounts. To accomplish this, the user renames cmd.exe to Utilman.exe — this is the program that brings up the Accessibility options for users without sight or with limited vision. The attack takes advantage of the fact that the Utility Manager can be invoked before the user logs into the system. The user gains System access, which is a level higher than Administrator. The person who discovered this security hole claims that XP, 2000, 2003 and NT are not vulnerable to it; only Windows Vista is.”

Posted by
kdawson
on Monday May 26, @12:51AM
from the seems-too-simple-somehow dept.


Technology: Gaining System-Level Access To Vista
  blog it

Categories: General

No Responses to “Sometimes simple things are able to break complex security”

RSS feed for the comments of this post

Care to comment?

Use this URL to trackback from your own blog

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Categories

Archives