Re: Circumventing Critical Security in Windows XP

[Ansgar Wiechers <bugtraq () planetcobalt net>]

On 2010-02-17 barkley () usa net wrote:
> I've detailed below just how easy (too easy) it is to circumvent the
> security of the following critical security services. Thus can't now
> become can!
>
> It goes without saying that malware on entering a system by whichever
> means, and on detecting critical security services, can now even more
> easily (automated/scripted) disarm critical security services, just by
> modifying unprotected registry entries, for whatever malevolent
> purposes.
>
> I've created registry entries (I can send these to you should you be
> interested) to demonstrate just how easy it is to circumvent the
> security of these critical security services, which unfortunately is
> all too easily a very effective way of immobilising critical security
> functions i.e. firewall, antivirus etc. This in my opinion is
> certainly not a vulnerability nor a flaw so to speak, but rather a
> functional design oversight?

Unless you give details on what you actually did, any discussion is
rather futile. I do have a feeling, though, that the modifications you
made require administrator privileges. In which case there isn't any
kind of vulnerability or security flaw.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq