
11 Comments

Some Linux boot tools allow Windows reg edits, could be an issue as you can do them without account privilege. :)

If you have direct physical access, all bets are off. Back in the Win2K/WinXP days I had a diskette that booted Linux and ran a script to reset the machine’s Admin password to no password or to a password of choice.

This is a little different. If the user can be persuaded to install software from a remote source, system changes could be made.

If you’ve got BitLocker turned on then a Linux boot won’t get you access to the C:\ drive where the registry hive files are stored… the data on the disk is just so much shredded cabbage without the passphrase.

My first thought after reading this article was to mitigate this with “Application Control”. However, I don’t see any application control option for ‘regedit.exe’ in Sophos Central policies.
Why is this?

Hopefully you’re quietly fixing this? I make this assumption simply because my comment above has not been published ;D

Simply another case of improper escaping. There are many CVEs due to this class of programming omission. Generally, if some characters in the text to be displayed cause behavior other than just displaying that text, this is always considered unsafe.

Another example of poor scripted testing letting a potentially serious bug through. The developers who write the test scripts never think there are such security issues with the software they have written so they are the wrong people to be writing the scripts and running the tests. When I worked in a software house we did scripted testing followed by user-style testing – deliberately looking for loopholes and/or ‘gotchas’ that were not shown up by scripted testing. Adds time to the process but improves the quality of the software and safety for users. Why don’t they work like that now? To save money at users’ expense.

This man is no fun.
He should have demonstrated the vulnerability with the message “Would you like a free ice-cream?”

Comments are closed.
