JSI Tip 2372. Windows NT Server version 4.0, Terminal Server Edition security hole.

An ordinary user can add a registry entry that would cause any subsequent administrator logon to inadvertently run the users code.

To close this security hole, use Regedt32 to navigate to:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software

Use Security / Permissions to remove the write permission on this key for ordinary users.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish