RE: [Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access

From: Phillip R. Paradis (prp17_at_adelphia.net)
Date: 09/18/04

  • Next message: Michael Wilson, Contractor: "[Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
    To: <mwwilson@navo.hpc.mil>, "'Michael Scheidell'" <scheidell@secnap.net>, "'Chris Norton'" <kicktd_list@hotmail.com>, <full-disclosure@lists.netsys.com>
    Date: Fri, 17 Sep 2004 23:51:37 -0400
    
    

    > I guess that means "If you call IBM support and you have
    > changed your local
    > administrator password to anything other than blank, then we
    > may not be able
    > to help you out of the bind you have gotten yourself into
    > (data loss)".

    See my prior post. To change the password without losing the contents of
    Protected Storage, log in as the affected account, and use the normal method for
    changing one's own password. (Which depends on whether the Welcome Screen is
    enabled or not; if not, press Ctrl-Alt-Del and click Change Password. If the
    Welcome Screen is enabled, the option is somewhere in the Users control panel,
    though since I never use the Welcome Screen, I don't recall where, exactly.)

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Michael Wilson, Contractor: "[Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"