IE combined security package...

From: Otto Goencz (ogoencz@GREENWICHTECH.COM)
Date: 02/12/02


Date:         Tue, 12 Feb 2002 12:32:32 -0500
From: Otto Goencz <ogoencz@GREENWICHTECH.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

More of a question than bug report....
 
Platform: Win2K Professional SP2, assigned to a workgroup
 
Applied combined IE fix (link might be wrapped):
 
 
<http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secu
rity/bulletin/MS02-005.asp>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/bulletin/MS02-005.asp
 
Steps taken:
  Install package
  Reboot the machine
 
Result:
  Unable to log-in using the previous administrator account
 
Mitigating factors:
  
Couple of month ego the "Local Security Policy" was used to change the
name for The "Administrator" account to XYZ. Later on the "Computer
Management" applet was used to change the same administrator account to
WSX, without modifying the local security policy. This caused no
problems even if the PC was rebooted, until installing the IE combined
security package.
Upon rebotting the machine after the package installation, the log-in
screen showed the previous user which was WSX. Entering the password
numerous times resulted in "The system could not log you on...." error
message. The backup admin account (luck?) was used to log-in to the
machine and checking the existing user account. The user manager did not
have the WSX account, however, it did have the XYZ account. The latter
one was used to log-in to the machine with the existing password, with
no problems. After re-naming the account from XYZ to WSX with the user
manager and rebooting the machine, the WSX account is able to log-in.
 
Questions:
 
There are couple of issues what I don't have answers for. Obviously, the
symptoms described above could be attributed to the system
configuration. However.....
Why the local security settings aren't applied all the times when the
machine is rebooted?
What is IE package doing to re-arrange user accounts?
 
TIA....
 
Otto
 

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by Qualys - Make Your Network Secure
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Go Beyond PARTIAL Security: FREE White Paper

Stop hassling with half-baked ENTERPRISE SECURITY.
FREE White Paper shows you how to ensure TOTAL security for your Internet
perimeter with the most current and most complete PROACTIVE Vulnerability
Assessment solution. Get your FREE White Paper now. Click here!
https://www.qualys.com/forms/techwhite_86.html
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo