MAJOR security hole via MS Word

From: Dan Desmarais (ddesmarais@tencorp.com)
Date: 10/14/02


From: "Dan Desmarais" <ddesmarais@tencorp.com>
Date: Mon, 14 Oct 2002 05:54:56 -0700


I do network admin for a small high school. We've got Win
2K servers and Win XP on the desktop. Students are using a
mandatory profile and we are using Group Policies to
enforce system security.

Just now, a STUDENT came up to me and showed me this:

He logged onto a workstation as himself. Login went
normally. The login script ran ok, and he loaded his
profile ok.

Then, he went to a Word document. He typed "C:\".
Then he highlighted it and selected Insert | Hyperlink. He set
the target to C:\. Then he clicked on it, and he had full
access to the C: drive!!!!!

Even though Group Policies give him no access to C:\,
even though he has no local account with any local rights
at all, he was able to create, edit and delete ANY FILE HE
WANTED!

It's SOOO simple! And it seems to give unrestricted access
to the local drive. Does anyone else know about this? Does
anyone know a fix?

