Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Narrator Reads Password Aloud in Terminal Services Client

From: InfoSec News <isn () c4i org>
Date: Wed, 17 Jul 2002 08:57:11 -0500 (CDT)
Forwarded from: Christian Wright <cw () c4i org>

I was researching something else when I came across this great little 
Microsoft Q article:

Two things:

1.  I like their definition of "resolution".  That's not a resolution 
- that's a workaround buddy...

2.  Status - "A-yup, that there is a problem alright.  Sure is. 
Whoo-boy.  Let's get some lunch..."

-=-

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q243243

Narrator Reads Password Aloud in Terminal Services Client (Q243243)
------------------------------------------------------------------------
The information in this article applies to:
*       Microsoft Windows 2000 , Advanced Server 
*       Microsoft Windows 2000 , Professional 
*       Microsoft Windows 2000 , Server 
------------------------------------------------------------------------

SYMPTOMS

Microsoft Narrator is a synthesized text-to-speech utility for users who 
have low vision. When you are using Narrator, keystrokes that you type are 
read aloud. When you log on to a Terminal Services server in a Terminal 
Services client session, Narrator reads your user name, domain name, and 
password aloud. 

CAUSE

Terminal Services simply sends bitmap images to the client computer. It 
does not send any code describing which fields for which it wants data, so 
Narrator does not know to mask the password keystrokes. 

RESOLUTION

Many people who use Narrator use headphones so as not to disturb others. 
In this case, the password may not be heard by others. To work around the 
problem, you can turn down the volume on your speakers while you type the 
password. 

STATUS

Microsoft has confirmed this to be a problem in the Microsoft products 
that are listed at the beginning of this article. 

MORE INFORMATION

When you log on to a local computer, or in Microsoft Internet Explorer, 
Narrator masks password fields by calling out the word "password" instead 
of the keystrokes. 




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: