"Abhishek Choudhary" <Abhishek Choudhary@discussions.microsoft.com> wrote in
message news:84B823DA-703D-4A9A-AC36-EA623537E69F@microsoft.com...
> There is a serious bug found in Windows Vista Ultimate, which allow the
> user
> to login in to Window Vista System without providing any credential. It
> just
> requires the attacker to access the victim system, for the first time. To
> gain access to victim system, follow these steps.
>
> 1) Open System32 folder of your windows.
> 2) Copy Cmd.exe, Magnify.exe and paste it in two different locations, for
> safety purpose.
> 3) Rename the cmd.exe to Magnify.exe on the backup location.


And ... what access rights do you need to have to the system for step 4,
which writes to the system32 directory?

> 4) Copy & paste the renamed cmd.exe to system32 folder, this asks for
> replacing the Magnify.exe, just continue with replacing.

Oh, yes, that's right, it requires you have administrator access to write to
that directory.

So, if you're an administrator, you can hack the machine so that you don't
have to log on.

Brilliant.

I can do that with a couple of registry entries.

Alun.
~~~~
--
Texas Imperial Software | Web: http://www.wftpd.com/
23921 57th Ave SE | Blog: http://msmvps.com/alunj/
Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.