SysKey Keystream Reuse Reported December 16, 1999 by BindView The SysKey technology, which made it"s first appearance within Service Pack 4, is vulnerable to because the RC4 key is reused. This is basically the same problem that was discovered in Microsoft"s PPTP implementation quite some time ago.
According to Microsoft"s report, "The vulnerability
allows a particular cryptanalytic attack to be effective against Syskey, significantly
reducing the strength of the protection it offers. The patch eliminates the vulnerability
and
Microsoft is aware of this issue adn has released a FAQ,
Support Online article Q248183,
and patches for Intel and Alpha
platforms
Discovered by Todd Sabin |
SysKey KeyStream Reuse - 21 Oct 1999
0 comments
Hide comments