Vulnerability Development mailing list archives

Vulnerability in Windows 2000 policy

From: Andrejus Stavickis <andrej () KTU EDU>
Date: Tue, 17 Oct 2000 17:44:43 +0200

        Hi,

  as You know, there are a group policies in Windows 2000. So i done an
experiment with it.

software: Windows 2000 Server SP1, Windows 2000 Professional SP1.

Workaround:

1. create a domain, or OU group policy, which disables registry editing
tools. Now user should not run regedit.exe and regedt32.exe, and it's true,
but user still able to merge .REG file into the registry. So there are one
step for user needed to disable policies: create a .reg file and merge it
into the registry, Also there are a possibility to control file extensions,
but it's don't help.

Solution:

You must disable regedit.exe and regedt32.exe together with registry editing
tools.

   Sincerely,

--Andrejus Stavickis (MCSE+I, MCSD, MCDBA, MCT)
KTU SC UESM
Studentu 48a-203
Kaunas, 3028
LITHUANIA
phone: +370 7 300633
Cellular phone: +370 87 15664
fax: +370 7 352995
ICQ: 2402709

Current thread:

Vulnerability in Windows 2000 policy Andrejus Stavickis (Oct 24)
- Re: Vulnerability in Windows 2000 policy Masial (Oct 24)
- Re: Vulnerability in Windows 2000 policy Andrew Reisse (Oct 24)