RE: The "Lunch Break Hole"

["David LeBlanc" <dleblanc () mindspring com>]

> There are chances that someone already knows your password, 
> and that he 
> uses a security hole of Windows 2000 to log into your machine without 
> leaving any logon/logoff traces in the Security log!
[snip]
> Because the locking of the machine creates no Security event 
> by design, a 
> local attacker can use this hole to log onto a locked machine 
> and lock this 
> machine again (when he is done), without leaving logon/logoff 
> traces of his 
> successful break in in the Security log! 

This does not repro on my XP Pro system. When I lock and unlock the
system, it creates events in the security events IF I have logon
auditing enabled. I haven't had time to test against Windows 2000.

And, BTW, if someone already knows your password, this should be the
least of your worries.