[Dshield] Security Issue with XP

warpmedia warpmedia at comcast.net
Fri Apr 30 03:30:54 GMT 2004

If I can boot a CD on a box, then all is already lost AFAIK. The many tools 
out there to do this including just booting knopix & mounting the NTFS volume.

Also I belive this is old news from last year. The one fix since IIRC had 
to do with encryption and not being able to access a users encrypted files 
after you reset their password with tools like ntpasswd.

At 07:38 PM 4/29/2004, securityguy at dslextreme.com wrote:
>Anyone with a Windows 2000 CD can boot up a Windows XP box and start the
>Windows 2000 Recovery Console, a troubleshooting program.
>Windows XP then allows the visitor to operate as Administrator without a
>password, even if the Administrator account has a strong password.
>The visitor can also operate in any of the other user accounts that may be
>present on the XP machine, even if those accounts have passwords.
>Unbelievably, the visitor can copy files from the hard disk to a floppy
>disk or other removable media - something even an Administrator is
>normally prevented from doing when using the Recovery Console.

Joshua MacCraw
warpmedia at comcast.net

More information about the list mailing list