Vulnerability Development mailing list archives
Vulnerability in Windows 2000 policy
From: Andrejus Stavickis <andrej () KTU EDU>
Date: Tue, 17 Oct 2000 17:44:43 +0200
Hi, as You know, there are a group policies in Windows 2000. So i done an experiment with it. software: Windows 2000 Server SP1, Windows 2000 Professional SP1. Workaround: 1. create a domain, or OU group policy, which disables registry editing tools. Now user should not run regedit.exe and regedt32.exe, and it's true, but user still able to merge .REG file into the registry. So there are one step for user needed to disable policies: create a .reg file and merge it into the registry, Also there are a possibility to control file extensions, but it's don't help. Solution: You must disable regedit.exe and regedt32.exe together with registry editing tools. Sincerely, --Andrejus Stavickis (MCSE+I, MCSD, MCDBA, MCT) KTU SC UESM Studentu 48a-203 Kaunas, 3028 LITHUANIA phone: +370 7 300633 Cellular phone: +370 87 15664 fax: +370 7 352995 ICQ: 2402709
Current thread:
- Vulnerability in Windows 2000 policy Andrejus Stavickis (Oct 24)
- Re: Vulnerability in Windows 2000 policy Masial (Oct 24)
- Re: Vulnerability in Windows 2000 policy Andrew Reisse (Oct 24)