Vulnerability Development mailing list archives
RE: Does MSN Messenger Bypass Group Policy?
From: "Robert Sullivan" <rsullivan () art-line com>
Date: Tue, 30 Jul 2002 12:03:09 -0500
Another neat trick that you can do is to schedule a task. Even if you don't have access to run any programs, the system will run the program for you. If you don't have access to scheduled tasks, you can run forbidden programs if they are spawned from allowed programs! We used Microsoft's C++ at school, which was one of the few allowed programs.
From there you could just open a binary (like minesweeper :), then go
"run program" and it would run like a champ. This was in a Windows 98/NT environment, I don't know if it works on 2000/XP. -- Bob Sullivan Art Line Inc. rsullivan () art-line com -----Original Message----- From: uraken [mailto:uraken () myrealbox com] Sent: Tuesday, July 30, 2002 4:56 AM To: vuln-dev () securityfocus com Subject: Re: Does MSN Messenger Bypass Group Policy? In-Reply-To: <000301c23403$fbae5e10$05290a0a@vaio> I came across a similar scenario with AOL instant messenger a few years back. Windows 95 clients on a NetWare network. Login scripts enforced the "only allow these executables" policy. With aim.exe not on the "allowed list", it would still run if spawned from the registry (instead of the startup folder). I guess that way windows treated AIM as a service and not an application, therefore making it exempt from the policy!? Would be interesting to see if this works for other apps regrds Uraken -----Original Message----- From: Andy Wood [mailto:andy () focalpoint hrcoxmail com] Sent: 25 July 2002 18:52 To: vuln-dev () securityfocus com Subject: Does MSN Messenger Bypass Group Policy? Pls ignore this if it has been a discussion in the past. If msmesgs.exe is set in the "Don't run specified windows applications" within the Group Policy and you then try to execute the app the msg states that the action was cancelled due to restrictions....like it should. However, when Outlook XP is started MSN Messenger starts as well. Feature or flaw? Thanks, Andy
Current thread:
- Does MSN Messenger Bypass Group Policy? Andy Wood (Jul 25)
- <Possible follow-ups>
- Re: Does MSN Messenger Bypass Group Policy? uraken (Jul 30)
- RE: Does MSN Messenger Bypass Group Policy? Robert Sullivan (Jul 30)
- Re: Does MSN Messenger Bypass Group Policy? Tim McKenzie (Jul 30)
- RE: Does MSN Messenger Bypass Group Policy? Robert Sullivan (Jul 30)