Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
BugTraq
Windows Vista Power Management & Local Security Policy Jul 18 2008 02:39AM
Abe Getchell (me abegetchell com) (3 replies)
Re: Windows Vista Power Management & Local Security Policy Aug 01 2008 08:43PM
William A. Rowe, Jr. (wrowe rowe-clan net)
Abe Getchell wrote:
> When the security option "Shutdown: Allow system to be shutdown without
> having to log on" (in the local security policy) is set to "Disable", and
> the power management setting "When I press the power button" is set to "Shut
> Down", it is possible for an unauthenticated user to press the power button
> at the Windows logon screen and gracefully shutdown the system.

It is also possible for the unauthenticated user to unplug the power cord.
What would you like them to do about that?

> I reported this to the MSRC on 6/25/2008 and their stance was that this
> wasn't a security vulnerability

Good call.

Now, if for some reason a remote user was able to obtain a 'local user'
login screen, that would be a serious issue. Physical access to the box
trumps most security measures we are able to apply.

[ reply ]
RE: Windows Vista Power Management & Local Security Policy Jul 27 2008 09:26PM
Greg (bugtraq1 pchandyman com au)
RE: Windows Vista Power Management & Local Security Policy Jul 19 2008 05:36AM
Jim Harrison (Jim isatools org) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 19 2008 07:33AM
Abe Getchell (me abegetchell com) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 19 2008 10:19PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 20 2008 07:32PM
Abe Getchell (me abegetchell com) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 20 2008 08:33PM
Jim Harrison (Jim isatools org) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 20 2008 10:04PM
Abe Getchell (me abegetchell com) (1 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 22 2008 03:15PM
James C. Slora Jr. (james slora phra com) (2 replies)
RE: Windows Vista Power Management & Local Security Policy Jul 22 2008 10:37PM
Abe Getchell (me abegetchell com)
RE: Windows Vista Power Management & Local Security Policy Jul 22 2008 07:46PM
Jim Harrison (Jim isatools org)







 

Privacy Statement
Copyright 2008, SecurityFocus