Yeah, I jumped too soon; I tested it when I got home, and
verified that it doesn't work with user or power user privs. Sorry for the
noise.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN
Sent: Tuesday, August 01, 2006 9:50 PM
To: [email protected]
Subject: RE: [ActiveDir] OT: XP exploit
Interesting exploit.
Although I think this might not be new. I fired up a somewhat old Windows
XP VM I had to test it, and despite the fact that standard users had permissions
to read&execute AT.EXE, they were still denied access. Same deal on my
company workstation which is absolutely up to date. I'm assuming that may
be due to a patch that came through at some point in the past?
I just wanted to make sure so I know
whether I need to act on this or not.
From: [EMAIL PROTECTED] on behalf of Derek Harris
Sent: Tue 8/1/2006 7:20 PM
To: [email protected]
Subject: [ActiveDir] OT: XP exploit
Use GPO to prevent users from running the scheduler. Need
to do a reg
hack to block local accounts.
http://www.projectstreamer.com/users/r0t0r00t3r/xp_priv_esc/xp_priv_esc.
html
List
info : http://www.activedir.org/List.aspx
List
FAQ : http://www.activedir.org/ListFAQ.aspx
List
archive: http://www.activedir.org/ml/threads.aspx
