The High-Hanging Fruit

The High-Hanging Fruit
Mark Burnett, 2005-02-22

Now that Microsoft has pruned Windows of its most serious remote-access holes, its time Redmond fixes the local vulnerabilities too.

Colapse all | Post comment

The High-Hanging Fruit 2005-02-23
John Yii (1 replies)

Mark, have you report this to Microsoft? And if so, what was the response?...

[ more ] [ reply ]

The High-Hanging Fruit 2005-02-25
Anonymous

I noticed this sometime ago and sent an e-mail to MS. No response though.

They must know about it, because you get a warning if you create a file called "Program.exe" in the root of "C:"....

[ more ] [ reply ]

The High-Hanging Fruit 2005-02-24
Mark Burnett

This issue has been known for years, although not widely documented, checked, or abused for some reason. Perhaps it is so old that people forget it still works.

It was a huge issue with NT4 and Windows 2000 because the default permissions for the root dir were so loose. I have seen at least one ...

[ more ] [ reply ]

The High-Hanging Fruit 2005-02-28
H Carvey <keydet89@yahoo.com>

"It turns out there is a registry key that you can set to turn off this warning."

which one?...

[ more ] [ reply ]