OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Otto Goencz (ogoenczGREENWICHTECH.COM)
Date: Tue Feb 12 2002 - 11:32:32 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    More of a question than bug report....
     
    Platform: Win2K Professional SP2, assigned to a workgroup
     
    Applied combined IE fix (link might be wrapped):
     
     
    <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secu
    rity/bulletin/MS02-005.asp>
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
    ity/bulletin/MS02-005.asp
     
    Steps taken:
      Install package
      Reboot the machine
     
    Result:
      Unable to log-in using the previous administrator account
     
    Mitigating factors:
      
    Couple of month ego the "Local Security Policy" was used to change the
    name for The "Administrator" account to XYZ. Later on the "Computer
    Management" applet was used to change the same administrator account to
    WSX, without modifying the local security policy. This caused no
    problems even if the PC was rebooted, until installing the IE combined
    security package.
    Upon rebotting the machine after the package installation, the log-in
    screen showed the previous user which was WSX. Entering the password
    numerous times resulted in "The system could not log you on...." error
    message. The backup admin account (luck?) was used to log-in to the
    machine and checking the existing user account. The user manager did not
    have the WSX account, however, it did have the XYZ account. The latter
    one was used to log-in to the machine with the existing password, with
    no problems. After re-naming the account from XYZ to WSX with the user
    manager and rebooting the machine, the WSX account is able to log-in.
     
    Questions:
     
    There are couple of issues what I don't have answers for. Obviously, the
    symptoms described above could be attributed to the system
    configuration. However.....
    Why the local security settings aren't applied all the times when the
    machine is rebooted?
    What is IE package doing to re-arrange user accounts?
     
    TIA....
     
    Otto
     

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Delivery co-sponsored by Qualys - Make Your Network Secure
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Go Beyond PARTIAL Security: FREE White Paper

    Stop hassling with half-baked ENTERPRISE SECURITY.
    FREE White Paper shows you how to ensure TOTAL security for your Internet
    perimeter with the most current and most complete PROACTIVE Vulnerability
    Assessment solution. Get your FREE White Paper now. Click here!
    https://www.qualys.com/forms/techwhite_86.html
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo