From: purdy at tecman.com (Curt Purdy)
Subject: [in] MS Windows Screensaver Privilege Escalation

Matthew Walker wrote:
> The Original Post is http://www.securityfocus.com/bid/11711
> 
> On Windows XP all releases, when you replace, or change the 
> screensaver displayed on the login screen with a specially 
> crafted version designed to execute programs, those programs 
> are launched under the SYSTEM SID, IE: they are given 
> automatically the highest access level available to Windows.  
> This level is not accessible even to administrators.

<snip>

Nice find, Matthew.  But this is amazingly bad.  Though I only run windoze as
a VM under SuSE, this has made me decide to shut the VM down rather than let
it run with a locked screen saver.  

My choice now is to either run it with such a short lock period that I will
constantly have to take time to log back in, or just shut it down every time
I leave my desk and restart the VM when I need it (less and less these
days).  I have chosen the latter as the least time consuming.

Amazing that M$ has decided to disregard the hole... no, more like a valley.
I can just imagine all the company crackers walking around with a trojaned
logon.scr on their USB stick looking for unattended boxes.

Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer 
DP Solutions

-----------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

