HKEY_LOCAL_MACHINE\SOFTWARE\Blackboard,
Inc.\CourseInfo40 VENDOR RESPONSE
Blackboard Inc. is aware of the problem and has recommended that users protect against remote registry access by asserting proper permissions on the operating systems "winreg" registry key.
Take note that this measure does not protect the registry key from access by a locally logged on user, so the risk remains if the system is shared by other users.
At the time of this writing, no response was available from Blackboard Inc. with regard to whether a patch or future product version would remedy the clear text password storage and loose registry key permissions.
CREDITS
|
CourseInfo Exposes Admin Psw
0 comments
Hide comments