From: rob rota (rota_cyberdochotmail.com)
Date: Fri Apr 05 2002 - 15:51:51 CST


    FYI, I have tested this new hotfix and it seems to work
    although I disagree with their implementation
    approach. Unfortunately, Microsoft developers have
    taken the approach of monitoring for attempts to read
    exclusive lock only Group Policy files and, when
    encountered, to change the lock to a shared read.

    "How does the patch eliminate the vulnerability?
    The patch causes Windows 2000 to monitor read
    requests to Group Policy files, and to map any
    requests for exclusive read access to shared read
    access instead." -Microsoft

    This is really a poor way of mitigating the vulnerability.
    A better solution would be to fix the vulnerability in the
    file system itself. Because of this poor approach a
    Microsoft operating system, including a Domain
    Controller, is still vulnerable through this process to
    multiple exploits. Some examples follow:

    "2. It's possible to lock screensaver file to prevent
    workstation to be locked by another user
    3. It's possible to deny access to administrative
    utilities and/or batch jobs from running by
    administrator or system
    4. It's possible to deny another user's logon in many
    ways
    5. It's possible to deny access to shared programs,
    documents, etc...
    ..." -http://cert.uni-stuttgart.de/archive/bugtraq/2001/12/msg00080.html

    In addition, although Microsoft Windows NT does not
    employ Group Policies, System policies are
    vulnerable to this attack as well as any shared
    programs, documents, etc.
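The condition the post describes (a Group Policy file held under an exclusive lock so that the system's own shared read of it fails) can be checked for from the defender's side by attempting a read-only, fully shared open of each policy file and noting which ones fail with a sharing violation. The script below is an added example written for this archive page, not code from the original poster or from Microsoft; the SYSVOL path, the file patterns (GPT.INI, Registry.pol, *.inf, *.adm) and the Get-LockedPolicyFiles function name are assumptions.

```powershell
# Added example (not part of the original post): report Group Policy files
# under SYSVOL that cannot currently be opened for shared read.
# Assumptions: SYSVOL is reachable at the default UNC path for the current
# domain, and the files worth checking are GPT.INI, Registry.pol, *.inf, *.adm.
function Get-LockedPolicyFiles {
    param(
        [string]$PolicyRoot = "\\$env:USERDNSDOMAIN\SYSVOL\$env:USERDNSDOMAIN\Policies",
        [string[]]$Patterns = @('GPT.INI', 'Registry.pol', '*.inf', '*.adm')
    )

    $locked = @()
    $files = Get-ChildItem -Path $PolicyRoot -Recurse -File -Include $Patterns `
                           -ErrorAction SilentlyContinue

    foreach ($file in $files) {
        try {
            # Request only Read access and allow every other sharing mode, so the
            # open can fail with a sharing violation only if some other handle was
            # opened with no sharing at all, i.e. an exclusive lock is being held.
            $share = [System.IO.FileShare]::ReadWrite -bor [System.IO.FileShare]::Delete
            $fs = [System.IO.File]::Open($file.FullName,
                                         [System.IO.FileMode]::Open,
                                         [System.IO.FileAccess]::Read,
                                         $share)
            $fs.Dispose()
        }
        catch [System.IO.IOException] {
            # Win32 error 32 (ERROR_SHARING_VIOLATION) lives in the low 16 bits
            # of the HRESULT; other IOExceptions (e.g. path problems) are skipped.
            if (($_.Exception.HResult -band 0xFFFF) -eq 32) {
                $locked += [pscustomobject]@{
                    Path   = $file.FullName
                    Policy = $file.Directory.Name
                }
            }
        }
    }
    return $locked
}

# Usage: list files that a normal shared read cannot open right now.
Get-LockedPolicyFiles | Format-Table -AutoSize
```

An empty result means every checked policy file accepted a shared read at that moment; a non-empty one names the files to investigate (which process holds the handle, and since when), since a legitimate Group Policy refresh never needs to hold these files exclusively.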