Break into a locked Windows via flash screen savers

X

xxp9

Guest
Hi I'm xxp9 at hotmail dot com. I found that one can easily break into a

locked Windows XP when a screen saver based on Adobe Flash Player is on.

Click your right mouse button you'll get the context menu of the flash

player. Then click "about Adobe Flash Player..." from the menu you'll get an

IE!

Then you can follow the famous "IME security hole". Run

"c:\windows\system32\cmd.exe" from

IE(open another IE window from "File"->"new window" if you failed to run

cmd.exe from the first one), input

net user xxp /add

net localgroup administrators xxp /add

to get the administrator's permission.

I also post in my blog, though, in Chinese, at xxp9 dot spaces dot live dot

com

----------------

This post is a suggestion for Microsoft, and Microsoft responds to the

suggestions with the most votes. To vote for this suggestion, click the "I

Agree" button in the message pane. If you do not see the button, follow this

link to open the suggestion in the Microsoft Web-based Newsreader and then

click "I Agree" in the message pane.

http://windowshelp.microsoft.com/communiti....vista.security

 
R

Richard G. Harper

Guest
That's why I don't use a screen saver - just blank the screen. style_emoticons/

--

Richard G. Harper [MVP Shell/User] rgharper@gmail.com

NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/

PLEASE post all messages and replies in the newsgroups

The Website - http://rgharper.mvps.org/

"xxp9" <xxp9@discussions.microsoft.com> wrote in message

news:677CCE8F-CE03-4636-AC3A-6AE4EB3F63DB@microsoft.com...<span style="color:blue">

> Hi I'm xxp9 at hotmail dot com. I found that one can easily break into a

> locked Windows XP when a screen saver based on Adobe Flash Player is on.

> Click your right mouse button you'll get the context menu of the flash

> player. Then click "about Adobe Flash Player..." from the menu you'll get

> an

> IE!

>

> Then you can follow the famous "IME security hole". Run

> "c:windowssystem32cmd.exe" from

> IE(open another IE window from "File"->"new window" if you failed to run

> cmd.exe from the first one), input

>

> net user xxp /add

> net localgroup administrators xxp /add

>

> to get the administrator's permission.

>

> I also post in my blog, though, in Chinese, at xxp9 dot spaces dot live

> dot

> com

>

>

>

> ----------------

> This post is a suggestion for Microsoft, and Microsoft responds to the

> suggestions with the most votes. To vote for this suggestion, click the "I

> Agree" button in the message pane. If you do not see the button, follow

> this

> link to open the suggestion in the Microsoft Web-based Newsreader and then

> click "I Agree" in the message pane.

>

> http://windowshelp.microsoft.com/communiti....vista.security </span>

 
D

Dustin Harper

Guest
I gotta change my screen saver. And remind me to change the combination on

my luggage (12345). style_emoticons/

--

Dustin Harper

dharper@vistarip.com

http://www.vistarip.com | Vista Resource & Information Page

"xxp9" <xxp9@discussions.microsoft.com> wrote in message

news:677CCE8F-CE03-4636-AC3A-6AE4EB3F63DB@microsoft.com...<span style="color:blue">

> Hi I'm xxp9 at hotmail dot com. I found that one can easily break into a

> locked Windows XP when a screen saver based on Adobe Flash Player is on.

> Click your right mouse button you'll get the context menu of the flash

> player. Then click "about Adobe Flash Player..." from the menu you'll get

> an

> IE!

>

> Then you can follow the famous "IME security hole". Run

> "c:windowssystem32cmd.exe" from

> IE(open another IE window from "File"->"new window" if you failed to run

> cmd.exe from the first one), input

>

> net user xxp /add

> net localgroup administrators xxp /add

>

> to get the administrator's permission.

>

> I also post in my blog, though, in Chinese, at xxp9 dot spaces dot live

> dot

> com

>

>

>

> ----------------

> This post is a suggestion for Microsoft, and Microsoft responds to the

> suggestions with the most votes. To vote for this suggestion, click the "I

> Agree" button in the message pane. If you do not see the button, follow

> this

> link to open the suggestion in the Microsoft Web-based Newsreader and then

> click "I Agree" in the message pane.

>

> http://windowshelp.microsoft.com/communiti....vista.security </span>

 
R

Richard G. Harper

Guest
Hey! I have the exact same combination on my luggage! :)

--

Richard G. Harper [MVP Shell/User] rgharper@gmail.com

NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/

PLEASE post all messages and replies in the newsgroups

The Website - http://rgharper.mvps.org/

"Dustin Harper" <dharper@vistarip.com> wrote in message

news:705226EC-0A74-477F-921F-0488A269EEC9@microsoft.com...<span style="color:blue">

>I gotta change my screen saver. And remind me to change the combination on

>my luggage (12345). style_emoticons/</span>

 
D

DevilsPGD

Guest
In message <677CCE8F-CE03-4636-AC3A-6AE4EB3F63DB@microsoft.com> xxp9

<xxp9@discussions.microsoft.com> wrote:

<span style="color:blue">

>Hi I'm xxp9 at hotmail dot com. I found that one can easily break into a

>locked Windows XP when a screen saver based on Adobe Flash Player is on.

>Click your right mouse button you'll get the context menu of the flash

>player. Then click "about Adobe Flash Player..." from the menu you'll get an

>IE!</span>

Adobe's Flash being a security hole? That isn't exactly news.

 
A

Adobe Flash Player

Guest
"xxp9" wrote:

<span style="color:blue">

> Hi I'm xxp9 at hotmail dot com. I found that one can easily break into a

> locked Windows XP when a screen saver based on Adobe Flash Player is on.

> Click your right mouse button you'll get the context menu of the flash

> player. Then click "about Adobe Flash Player..." from the menu you'll get an

> IE!

>

> Then you can follow the famous "IME security hole". Run

> "c:windowssystem32cmd.exe" from

> IE(open another IE window from "File"->"new window" if you failed to run

> cmd.exe from the first one), input

>

> net user xxp /add

> net localgroup administrators xxp /add

>

> to get the administrator's permission.

>

> I also post in my blog, though, in Chinese, at xxp9 dot spaces dot live dot

> com

>

>

>

> ----------------

> This post is a suggestion for Microsoft, and Microsoft responds to the

> suggestions with the most votes. To vote for this suggestion, click the "I

> Agree" button in the message pane. If you do not see the button, follow this

> link to open the suggestion in the Microsoft Web-based Newsreader and then

> click "I Agree" in the message pane.

>

> http://windowshelp.microsoft.com/communiti....vista.security</span>

 
M

MowGreen [MVP]

Guest
And the same last name as the OP. Who knew ? <w>

MG

Richard G. Harper wrote:

<span style="color:blue">

> Hey! I have the exact same combination on my luggage! :)

> </span>

 
You must log in or register to reply here.
Top Bottom