Windows XP FireWire attack defeats Windows Vista

A two-year old authentication bypass technique that received wide attention earlier this week as a means to get around Windows XP password protection also works on Windows Vista, a report released on Wednesday reveals. On Monday, New Zealand-based security researcher Adam Boileau released "winlockpwn," software for bypassing Windows XP SP2 authentication using a Linux PC […]

Share online:

A two-year old authentication bypass technique that received wide attention earlier this week as a means to get around Windows XP password protection also works on Windows Vista, a report released on Wednesday reveals. On Monday, New Zealand-based security researcher Adam Boileau released "winlockpwn," software for bypassing Windows XP SP2 authentication using a Linux PC connected via FireWire to a target Windows PC. He also explained that the technique works against computers running Linux, Mac OS X, and BSD Unix.

On his Web site, Boileau said Microsoft doesn't consider the attack a legitimate security vulnerability. Indeed, as Microsoft points out in the third of its 10 Immutable Laws of Security, "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore."

Two weeks ago, researchers from Princeton University, the Electronic Frontier Foundation, and Wind River Systems reaffirmed this proposition when they released details about how encryption keys for disk-based encryption systems could be recovered more easily by chilling a computer's memory chips.

Source:→ InformationWeek

Security, Vulnerability, Windows XP, Firewire, Windows Vista

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.