Tech Tips / Windows NT / Installation and Configuration
Vulnerabilities in unattended installations
When an unattended installation of Windows NT 4.0 is performed, the installation parameters are included in the Unattend.txt file. A vulnerability exists because the installation process copies the parameter file to a file in %windir%\system32 ($winnt$.inf for a normal unattended installation, or $nt4pre$.inf if Sysprep was used), but doesn't delete it when the installation completes. By default, any user who can perform an interactive logon can read this file. If sensitive information such as account passwords were provided in the installation parameters file, the information could be compromised.
Submit your Tech Tips
If you're an experienced IT professional and would like to share your expertise with other Setup32.com readers, why not submit a new tip to our Tech Tips area?
Latest Tech Tips in this category
- Windows NT and Windows 9x can't share roaming profiles
- Application sharing between Win9x and Windows NT
- Quick disk safety nets for Windows 2000 upgrade
- Can't uninstall SP4 or higher?
- Apply service packs with a silent install
- Don't apply a 40-bit service pack over a 128-bit system
- Service Pack 6 or 6a?
- What service pack am I running?
Related Subjects
Certification Links
Contact Us | Advertise | Authors | Subject Index | RSS Feeds 
Copyright ©2009 Setup32.com