MS users Screwed Again? Hackers Gain System-Level Access To Vista
This article is more appropriate for Jordan, Cynthia Yoo or other NowPublic geeks and techies. It is presented here in it's entirety, and comments on how Linux-savvy users can use one of that OS's distributions to take control of a third person's Vista run computer. The attack is not possible using this method against any older Microsoft OS's.
If you are a geek or techie please comment on this as the rest of us would love to know how screwed-vulnerable Microsoft has left it's hapless user base.
"This video shows a method by which a user can use a Linux distro called BackTrack to gain system access to Windows Vista without logging into Windows or knowing the username or password for any accounts. To accomplish this, the user renames cmd.exe to Utilman.exe — this is the program that brings up the Accessibility options for users without sight or with limited vision. The attack takes advantage of the fact that the Utility Manager can be invoked before the user logs into the system. The user gains System access, which is a level higher than Administrator. The person who discovered this security hole claims that XP, 2000, 2003 and NT are not vulnerable to it; only Windows Vista is."
In the interest of fairness, I must admit I recently changed my laptop over from the factory-installed Vista to a free download of Ubuntu, a Linux-spawned OS.