SysKey Keystream Reuse
Reported December 16, 1999 by BindView
The SysKey technology, which made it"s first appearance within Service Pack 4, is vulnerable to because the RC4 key is reused. This is basically the same problem that was discovered in Microsoft"s PPTP implementation quite some time ago.
According to Microsoft"s report, "The vulnerability
allows a particular cryptanalytic attack to be effective against Syskey, significantly
reducing the strength of the protection it offers. The patch eliminates the vulnerability
Discovered by Todd Sabin