Re: MAJOR SECURITY FLAW IN WINDOWS XP - RESET ADMIN PASSWORD

From: David Cross [MS] (vaq130@hotmail.com)
Date: 07/15/02 

From: "David Cross [MS]" <vaq130@hotmail.com>
Date: Mon, 15 Jul 2002 06:39:23 -0700

if you are afraid of this threat, you should use SYSKEY to protect your SAM
after which this attack is no longer possible.

Note that your attack on XP does not expose any user secrets or private
keys - those are protected by DPAPI. 

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
http://support.microsoft.com
"Paul Brown" <small_brown@yahoo.co.uk> wrote in message
news:1965c01c22a4f$758cf430$35ef2ecf@TKMSFTNGXA11...
> I have found a security loop hole with windows xp that
> allows you to set the administrator password to anything
> you want!
>
> I was browsing the knowledge base and found an article on
> how to reset a corrupted registry. By backing up the
> files SAM, SECURITY, SOFTWARE, DEFAULT & SYSTEM from
> the 'windows\system32\config\' directory and replacing
> them with the same files from 'windows\repair' (a backup
> of the registry from the orignal windows load) On my
> machine I had since changed the administrator password
> and upon reseting these files namely the SAM file my
> password went back to its original setting. I then tested
> this further by changing the administrator password
> to "password" copying the files to cd and replacing the
> registry files on my laptop. this worked and i logged in
> as administrator. The machine was terribly slow, probably
> due to the registry being changed to that from a
> different machine but I had managed to login as
> administrator within minutes. Please give some feedback
> on these findings.

Relevant Pages

  • Re: MAJOR SECURITY FLAW IN WINDOWS XP - RESET ADMIN PASSWORD
    ... This is not a security loop at all, it's a means to reset your password. ... > allows you to set the administrator password to anything ... > how to reset a corrupted registry. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: MAJOR SECURITY FLAW IN WINDOWS XP - RESET ADMIN PASSWORD
    ... This is why it is always said that Physical Security ... which will automate the registry replacement you ... > allows you to set the administrator password to anything ... > to "password" copying the files to cd and replacing the ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Securing the Registry.
    ... Also stop Remote Registry service and use Syskey in password-protected ... > web server, the best resource of all was probably Improving Web ... Restrict remote administration of the registry. ... Secure the SAM. ...
    (microsoft.public.windows.server.security)
  • Re: Securing the Registry.
    ... Also stop Remote Registry service and use Syskey in password-protected ... > web server, the best resource of all was probably Improving Web ... Restrict remote administration of the registry. ... Secure the SAM. ...
    (microsoft.public.security)
  • Re: MAJOR SECURITY FLAW IN WINDOWS XP - RESET ADMIN PASSWORD
    ... > allows you to set the administrator password to anything ... > how to reset a corrupted registry. ... > of the registry from the orignal windows load) On my ...
    (microsoft.public.windowsxp.security_admin)