A security flaw recently revealed in Microsoft’s Windows XP could enable unauthorized users to access password-protected PCs. Using the Windows 2000 CD, anonymous users can apparently boot up a computer with the Windows XP OS and call up the troubleshooting program Windows 2000 Recovery Console. Using the program’s system recovery routine, the unauthorized user can then work under the guise of a Windows XP Administrator, effectively rendering any passwords useless. The flaw affects all XP user accounts, password-protected or not–visitors can then access files from the hard drive and copy to any removable media. Representatives from Microsoft were not immediately available for comment. Thomas Slodichak, chief security officer for WhiteHat in Burlington, Ontario, said the possible flaw was brought to his attention on Monday. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.