Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: L0pht Security Advisory: Windows NT

Re: L0pht Security Advisory: Windows NT

Paul Ashton (paulARGO.DEMON.CO.UK)
Fri, 19 Feb 1999 11:23:44 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Lamont Granquist: "More Buffer Overflows in Digital Unix"
Previous message: Yiorgos Adamopoulos: "Yet Another password storing problem (was: Re: Possible Netscape"
Maybe in reply to: Dildog: "L0pht Security Advisory: Windows NT"

Dildog <dildogL0PHT.COM> writes:
>                           L0pht Security Advisory

> ---
> Workarounds/Fixes:
> ---
>
>       I developed a patch for this security problem in the form of a
> Win32 Service program that can be installed by the Administrator of the
> system. It sets itself to run every time the system is started, and before
> the user has the opportunity to start a program, it adjusts the
> permissions of the DLL cache to something much safer.

Alternatively, you can set
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ProtectionMode=1
and reboot.


Paul

Next message: Lamont Granquist: "More Buffer Overflows in Digital Unix"
Previous message: Yiorgos Adamopoulos: "Yet Another password storing problem (was: Re: Possible Netscape"
Maybe in reply to: Dildog: "L0pht Security Advisory: Windows NT"