1.

Solve : WARNING: Major security flaw in Windows XP (THAT DOESN'T HAVE A PATCH)?

Answer»

Now I don't know if this has being posted, nor do I know if this applies to Vista, but anyway...

When you install WINDOWS XP, there is a secret Administrator account automatically setup by Windows. This is an Administrator account with no password and can let viruses in. Setup a password for this account by following the following steps. DO NOT DELETE THE ACCOUNT.

1. In Normal mode, click on Start, click on Run and type in control userpasswords2 and click OK.
2. In User Accounts, choose Administrator and click on Reset Password.
3. Type a password. Read this article to create a strong password.
4. Click OK.
5. Click OK at User Accounts.

You're done.Is there any news or prove that you can attach here?How can viruses bypass that?Here

Quote

The standard behaviour of windowsXP etc. after installation is to automatically log the user in
as administrator, using a non-password protected administrator-account .

Many home-users never bother to set up a restricted user-account
but continue to use the admin-account, maybe adding a password ..

This is a HUGE security-flaw in windows as ANY code that executes will run with administrative privileges (or even as SYSTEM), allowing the code to do ANYTHING to your machine !!
(and I DO mean anything, it could even fry your hardware by disabling your fans
and/or mess with the voltages!!)
This is not a major security flaw if left alone. The idea of it is when you first set up windows XP, the computer creates the account Administrator, and you set up one too. If you screw up your computer or lock yourself out, the Administrator account is the one USED in Safe Mode to fix it.

If you disable the Administrator account it can screw up your computers safe mode.Yes, but an admin account let's you do anything to the computer. Disable hardware, install spyware/viruses, etc etc etc. If you setup a strong password, you can reduce the risk of that happening.Okay, I agree, Read this:

http://www.microsoft.com/technet/technetmag/issues/2006/01/SecurityWatch/Actually (this is also mentioned in the article Bones92 links to) the best advice is to either disable the account or leave the password blank (if you're only WORRIED about remote attacks and not attacks by someone who has physical access to the machine). The reason is that by default, accounts with blank passwords can only be logged in to locally, not remotely.
Security wise the best thing is probably to disable it. Even when disabled it will still be available in safe mode. This is the only situation anyone should ever need the admin account anyway.Ok, thank you Deerpark and Bones92.If someone REALLY really WANTS access to your system (my keys are typing... funny today) then they would load a Linux Live CD up on it and just copy the files to their friendly flash drive.

The best option you have is to upgrade to Vista Ultimate, and get BitLocker Drive Encryption.


Discussion

No Comment Found