Hall of Fame

1. snoopfrogg85,925
2. oBdA75,416
3. dstewartjr62,335
4. Paranorm...61,156
5. McKnife53,797
6. bbao45,259
7. richrumble40,628
8. mkline7138,275
9. johnb676737,201
10. DaveHowe36,256
11. toniur29,970
12. bluntTony29,767
13. CoccoBill26,861
14. rpggamer...25,500
15. Admin3k22,327
16. keith_ala...21,450
17. Americom20,700
18. xmachine18,300
19. Shift-317,100
20. tigermatt16,600
21. demazter16,345
22. MikeHolcomb16,068
23. Chris-Dent15,000
24. Mestha14,450
25. xxdcmast13,933

1. richrumble716,889
2. r-k434,942
3. oBdA378,303
4. Sheharya...355,518
5. trywaredk297,335
6. war1296,544
7. rpggamer...290,883
8. gidds99274,092
9. Phil_Agc...244,228
10. toniur235,529
11. KCTS217,346
12. CoccoBill209,880
13. sirbounty194,693
14. McKnife181,860
15. bbao173,429
16. PeteLong163,654
17. johnb6767161,905
18. sunray_...146,627
19. snoopfrogg134,851
20. Jay_Jay70118,090
21. leew114,761
22. PowerIT98,045
23. mdiglio97,751
24. younghv91,820
25. rindi90,461

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

5.0

Restricting Switching to System Account

Asked by david323 in Windows Network Security

Tags: access, account, changing

What is the best way to prevent users from switching to the System account using Task Scheduler? I need a precise method; I don't want to disable the Task Scheduler. Switching to the System account allows an attacker to accomplish things normally prevented in his or her regular policies in their own account. Such as changing the computer's date and time, debugging programs, etc. I have known of this bug for quite some time, ever since Windows 2000 came out. And the vulnerability still exists on Windows XP Home Edition, Version 2002, SP2 (the one I am using). Does this vulnerability still exist on Windows XP Professional? Here are the steps for the attack:

1) Start / Run cmd
2) If the time is 11:23 a.m., then enter "at 11:24am /interactive taskmgr.exe" without the quotes.
3) When Task Manager launches less than a minute later End Task explorer.exe under Processes. The desktop will disappear, but Task Manager will remain.
4) Wait one full minute for the system to adjust itself (things happening in the background). This may or may not be necessary. It is on my computer. You'll know you're good to go when you can access the pull-down menus in Task Manager again.
5) Under File in Task Manager choose New Task (Run...) and type "explorer" (without the quotes). And click OK.
6) You should see the green rolling hills of the default Windows XP desktop, and if you click on the Start button you'll see System at the top.
7) You are now logged in as God... I mean System. You can now view the SAM data in the registry, view the Protected Storage data in the registry and jump up and down with mischievous joy!

Any solution should allow for two things:

1) The fix must restrict Administrators, which is what a great many users are.
2) The fix must not require disabling the Task Scheduler.
3) It preferably would be the same fix for Windows XP Home and Windows XP Professional (if this is still an issue on Windows XP Professional)

If someone can test this (it'll only take a minute and doesn't crash your computer or anything) on Windows XP Professional and let me know I'd appreciate it too.

View the Solution FREE for 30 Days

20091021-EE-VQP-81

Restricting Switching to System Account

Asked by david323 in Windows Network Security

Tags: access, account, changing

About this solution