Hot keys permissions bypass under XP
20th Dec 2001 [SBWID-4940]


	 XP Home Edition 


	Charles Chear reported the following about "hot keys" allowing
	non-administrative users to execute Administrator-owned applications
	which are not usually accessible to them.

	Hot keys are specially created buttons (or key combinations)  to  launch
	particular programs such as an Internet browser or word processor.  Many
	newer keyboards have them featured, and in my case, laptops as well.

	When XP is initially booted, all hot  keys  are  disabled  until  actual
	authentication of the administrator or first account.  Once  logged  in,
	hot keys are then enabled for use, usually by the  initialization  of  a
	program in the background which assigns these hot keys.

	In some cases, such as a time of idle, XP will put itself  back  to  the
	login  screen  for  security  purposes.  This  will  require  users   to
	re-authenticate to get back to their current session,  whether  password
	protected or not.

	At this point, without logging in, and as long as the  user  session  is
	still alive, any local  user  has  the  ability  to  start  any  program
	assigned to the hot key -- no matter what permissions.

	This leads to a host of situations where the range of results  could  be
	just  merely  an  annoyance  (dozens  of  browsers   open)   or   actual
	exploitation. Local users could execute a known vulnerable  application
	(such as some sort of daemon) and exploit it remotely as it  is  running
	under administrative privileges. That is, of course,  if  a  daemon  is
	actually assigned to a hot key.

	There are limitations in this situation though. Hot  keys  are  disabled
	once logged in as an account besides that of  the  first/administrative.
	And to my knowledge so far, there is not a way to  get  the  program  to
	execute  and  be  available  on  any  desktop  besides   that   of   the







	 -Disable hot keys.

	 -Microsoft has been notified and a patch should be available soon.



