Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aging Security Vulnerability Still Allows PC Takeover

Posted by Zonk on from the there-are-issues-here-and-perhaps-they-should-be-investigated dept.

Jackson writes "Adam Boileau, a security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password. By connecting a Linux machine to a Firewire port on the target machine, the tool can then modify Windows' password protection code and render it ineffective. Boileau said he did not release the tool publicly in 2006 because 'Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn't want to cause any real trouble'. But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website."

2 of 282 comments (clear)

  1. Re:Breathtaking Arrogance or Stupidity? by mumblestheclown · · Score: 0, Troll

    What, expecting to be modded up for such "wisdom"?

  2. The REAL question is... by 93+Escort+Wagon · · Score: 0, Troll

    ... whether on not Microsoft will include this demonstrated vulnerability the next time they calculate the average time security vulnerabilities remain unpatched on Windows versus Linux.

    Wait, I forgot - they only include the vulnerabilities they've acknowledged.

    --
    #DeleteChrome