Bugtraq mailing list archives
Re: ZoneAlarm Security Circumvention
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Mon, 8 Mar 2010 22:56:17 +0100
On 2010-03-08 Andrew Barkley wrote:
The following illustrates how one can easily disable ZoneAlarm's security for whatever malevolent purposes. This "vector" so to speak, is merely "abusing" a particular branch of the Windows registry, by registering this security service as disabled. When "exploiting" this "vector" (administrative privileges are assumed
Anything starting with "a user with administrative privileges can ..." is neither a vulnerability nor a design flaw. Administrators can by design do anything they want on the system. Period. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- ZoneAlarm Security Circumvention Andrew Barkley (Mar 08)
- Re: ZoneAlarm Security Circumvention Ansgar Wiechers (Mar 15)