Tech Tips / Windows NT / Security
As all good network admins know, an Emergency Repair Disk is an absolute necessity and you, of course, frequently create one using the Rdisk utility from the command line. However, there's a possible security vulnerability if the ERD creation process is interrupted. During the creation process, a temporary file is created that lists all of the registry hives and their current settings. The permissions on this file don't prevent anyone from reading or changing the temporary file's contents while Rdisk is running.
When the Rdisk tool completes the update procedure, the temporary file is deleted. However, if the Rdisk tool is interrupted or ends abnormally (requiring a restart), the file may still be accessed after the computer is rebooted. The file can also be read while the Rdisk tool is running.
Microsoft has released a hot fix for this security breach, a mere 129-KB download called RDISK Registry Enumeration File Vulnerability (filename Q249108i.exe). Better safe than sorry!
Pass your MCSE certification exams with EasyCert - the most realistic exam simulations available today! Click the links bellow for free MCSE demos.
If you're an experienced IT professional and would like to share your expertise with other Setup32.com readers, why not submit a new tip to our Tech Tips area?
Sponsored Links