Bugtraq mailing list archives
Re: Hidden accounts on sony vaio laptops
From: "Williams, James K" <James.Williams () ca com>
Date: Tue, 8 Nov 2005 13:49:33 -0500
Not a Sony issue. This setup has been documented by MS since the release of Windows XP in 2001. "Q: How can I add an Administrator password to make my computer more secure? A: Another way to make your computer more secure is to assign a password to the Administrator account, which is blank by default. An Administrator account is a user account that has full permissions and control over a computer, can gain access to and modify all user accounts on a computer, and can only be accessed from safe mode." http://www.microsoft.com/windowsxp/using/setup/getstarted/installqa.mspx Regards, Ken Williams ; Dir. Vuln Research Computer Associates ; 0xE2941985
List: bugtraq Subject: Hidden accounts on sony vaio laptops From: yash.kadakia () securityforge ! com Date: 2005-11-07 14:08:09 Sony Vaio laptops require you to create a user account the first time you start your laptop. If the user you select is not "Administrator", Sony still goes ahead and creates a user "Administrator" with a blank password. This user does not show up in control panel under User Accounts but if you do start up in safemode the laptop allows you to login as Administrator. This gives an attacker an opportunity to gain administrative access to a computer and access to create add delete or modify user accounts. This is basically a backdoor account that is hidden from the user and compromises the security of all Sony Vaio laptops.
Current thread:
- Hidden accounts on sony vaio laptops yash . kadakia (Nov 07)
- <Possible follow-ups>
- Re: Hidden accounts on sony vaio laptops Williams, James K (Nov 08)