| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <003b01c49d31$ede36e80$0501a8c0@andromeda> From: prp17 at adelphia.net (Phillip R. Paradis) Subject: RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access > 2) if you knew about it, and wanted to change it, they told > you that you would lose data if you did! Amazingly enough, they are telling the truth. Security-related information for that account, such as personal certificates, saved passwords, etc., are deleted if the password is reset. Because this includes the user's EFS certificate, any files the user has encrypted with EFS are no longer recoverable unless someone either backed up the certificate or created and saved a recovery certificate. I would presume that since the account is "hidden", it has not been used, and no such data exists. Of course, one could merely log on with the (passwordless) Administrator account and use the Change Password command to add one; this does not cause the loss of whatever security data may be stored in that account's profile. One could also simply disable the account rather than resetting it's password. (This can be done from lusrmgr.msc, or via a group policy.)
Powered by blists - more mailing lists