Big security failure!!!

[Angel Massa]

Yesterday after having some unstability problems I started Vista in safe
mode. I was surprised to see that then I had the option to login with the
Administrator accound that doesn't appears during normal operation.

The Administrador accound had NO PASSWORD. I've never been asked for an
Administrator password during the setup as XP does.

This means that most of the Vista installations must have the Administrator
accound with blank password!!!

To get access to any computer you only have to boot in save mode login as
Administrator and do anything you want to the system or other users files. I
can't believe it's so stupid after all the UAC, firewalls, antispyware stuff
Microsoft has put into Vista.

Please somebody tell me I'm wrong.

Regards,
Angel.

 

[Gary Mount]

Since someone can't boot up your computer in safe mode from the Internet, it
seems to me that it would be safe to have no password for the Administrator
account.
Even if you did have a password, I still could physically take your hard
drive (if I had physical access of course) and plug it into my computer and
access all your files, unless you have encrypted them.

If you have to use safe mode and use the Administrator account that doesn't
have a password, it might be a good idea to disconnect from the Internet
until you have gotten your "safe mode" problems solved and boot back into
normal mode.

 

[Angel Massa]

No way!

Local security is so important as Internet security. I can't imagine an OS
that allows anyone in a company to get full access on any computer just
starting in safe mode. That's really crazy.

Of course somebody can take the hard drive or even take the full computer.
But this is much more noticeable and also if they don't have an admin
password they can't log into the account or take ownership of files to open
them.

Regards,
Angel.

 

[Beck]

Yesterday after having some unstability problems I started Vista in safe
mode. I was surprised to see that then I had the option to login with the
Administrator accound that doesn't appears during normal operation.

The Administrador accound had NO PASSWORD. I've never been asked for an
Administrator password during the setup as XP does.

This means that most of the Vista installations must have the
Administrator accound with blank password!!!

To get access to any computer you only have to boot in save mode login as
Administrator and do anything you want to the system or other users files.
I can't believe it's so stupid after all the UAC, firewalls, antispyware
stuff Microsoft has put into Vista.

Posted by Mark Dietz in another thread yesterday...

Start the system in safe mode. It will then show you Administrator on the
screen. From here, you want to log in as Administrator, open up computer
management by right clicking on "Computer" and selecting manage. Under
computer
management, select the users and groups, then users. You will need to enable
the
Administrator account, and I would also set a password. There is then a
registry
hack that needs run to add the account to the welcome screen under normal
boot,
but I'm not sure what exactly it is. This "hack" is the same as the one used
in
XP, so if you find it for XP, you've found it for Vista.

 

[Angel Massa]

I still can't believe that the Administrator account works this way in
Vista.

It's like having the best save box in the World and leave the door open.

Regards,
Angel.

 

[Guest]

The Administrador accound had NO PASSWORD.

Administrator account and guest account are disabled by default (you can see
a red X from the users list)

 

[Beck]

I still can't believe that the Administrator account works this way in
Vista.

It's like having the best save box in the World and leave the door open.

It certainly does seem a bit odd.
I know most end users probably don't even use an admin account but they
could at least make it easier to setup for those that do know to use one.

 

[Angel Massa]

And for using it you only have to start in safe mode as explained on my
first post. Without using any password!!!

So any user can enter safe mode pressing F8 and he can delete all users
accounts, get ownership of other users files or uninstall software and
drivers.

That's what I call security.

 

[Gary Mount]

Some one could just boot off of a floppy or cd drive to gain access to the
computer.
BitLocker (included with Windows Vista) can be used, then nobody can boot
the computer without the key, and the files are encrypted so they can't do
anything with the files.

 

[Angel Massa]

All this technologies are very nice. But this is not related to the problem
I'm talking about.

A default installation of Vista is totally open and insecure if you don't
set a password for the Administrator account before start using the
system!!! This should be done during the installation to secure the system
before first use.

Any user without security knowledge will just install Vista and will never
set the password for his Administrator account so his computer will not be
secure.

All the security and control features of Vista will fail for this stupid
thing. For example parental controls are useless if the kid can just start
as administrator, deactivate parental control or create a new user account
without restrictions for himself.

Regards,
Angel.

 

[Jimmy Brush]

Hopefully this will change in a future build. Someone has already filed a
bug for this.

- JB

 

[jonah]

Yesterday after having some unstability problems I started Vista in safe
mode. I was surprised to see that then I had the option to login with the
Administrator accound that doesn't appears during normal operation.

The Administrador accound had NO PASSWORD. I've never been asked for an
Administrator password during the setup as XP does.

This means that most of the Vista installations must have the Administrator
accound with blank password!!!

To get access to any computer you only have to boot in save mode login as
Administrator and do anything you want to the system or other users files. I
can't believe it's so stupid after all the UAC, firewalls, antispyware stuff
Microsoft has put into Vista.

Please somebody tell me I'm wrong.

Regards,
Angel.

Yes it is a little daft but this is not the finished article and it is
useful to have full root access while testing Vista which is what this
is all about. MS will secure it better for the final release +
bitlocker disk encryption etc. Also you can add a password to all the
accounts and you should do so. Security is not the sole responsibility
of MSFT IMO, users have to play their part also.

Link to admin account hacks amongst others here.

http://www.chris123nt.com/guides/5365/

For build 5365 but works for 5384.

Jonah

 

[Kerry Brown]

Yesterday after having some unstability problems I started Vista in
safe mode. I was surprised to see that then I had the option to login
with the Administrator accound that doesn't appears during normal
operation.
The Administrador accound had NO PASSWORD. I've never been asked for
an Administrator password during the setup as XP does.

This means that most of the Vista installations must have the
Administrator accound with blank password!!!

To get access to any computer you only have to boot in save mode
login as Administrator and do anything you want to the system or
other users files. I can't believe it's so stupid after all the UAC,
firewalls, antispyware stuff Microsoft has put into Vista.

Please somebody tell me I'm wrong.

Regards,
Angel.

I agree. It was a bad decision by the programmers. Hopefully this will be
changed in the final version.

 

[Homer J. Simpson]

I agree. It was a bad decision by the programmers. Hopefully this will be

changed in the final version.

Not bloody likely that such a decision is made by a *programmer* in a
software company the size of Microsoft.

 

[Mark Dietz]

Yes, anyone can do that, but if you are that worried about the administrator
account as a user, you will be smart enough to set the administrator password so
people can't just walk up and do this. I'm not really sure why it is that big of
a deal as the people that don't know about this probably don't know how to
access safe mode, and there are plenty of people that don't know what safe mode
is, or how to get to it. If you leave the admin account with no password and put
your computer some place where others have access to it and enough time to
actually restart in safe mode and do whatever without you knowing, then IMO, it
deserves to get broken into as you shouldn't leave your computer out in a place
with open access. If you're worried about kids doing something, then as I said,
you will take the initiative to secure it, if you don't, then you deserve it as
I said before.

This is the same principal as people changing others wireless network settings
when the network is left open. If things are changed, you sort of deserved it.
Every router I see now has some sort of setup wizard to secure the wireless
network on first use, and some have a button that you push and it does
everything for you, besides configure the connected clients. How much easier can
it get than pushing a button and copying a string of text?

If you're worried about this sort of thing in a business environment, any
business system I've ever dealt with had a lot of security measures put in place
to prevent access to the Admin accounts. Also, even if you do set a password,
give me 5 min. with access to your system and I can probably remove it with one
of many password reset/blanking tools available for XP, and all I need to do is
boot from disk. How many people do you know that lock this out? Security is all
in the hands of the end user/company and the measures they take to prevent problems.

 

[Colin Barnhorst]

You bet. That one was probably a Mike Nash call.

 

[Kerry Brown]

Not bloody likely that such a decision is made by a *programmer* in a
software company the size of Microsoft.

I guess I should have said development team. Any big program is a
collaborative effort that takes a team. I'm sure there were discussions for
and against. Only the people involved know who made the decision and why.

 

[Bob Young]

Yesterday after having some unstability problems I started Vista in safe
mode. I was surprised to see that then I had the option to login with the
Administrator accound that doesn't appears during normal operation.

The Administrador accound had NO PASSWORD. I've never been asked for an
Administrator password during the setup as XP does.

This means that most of the Vista installations must have the Administrator
accound with blank password!!!

To get access to any computer you only have to boot in save mode login as
Administrator and do anything you want to the system or other users files. I
can't believe it's so stupid after all the UAC, firewalls, antispyware stuff
Microsoft has put into Vista.

Please somebody tell me I'm wrong.

This is a non-issue, to boot into safe mode someone has to have
physical access to your computer, if somebody has physical access,
there is no security. They could just as easily steal the entire hard
drive, boot from a CD tha can read NTFS, take a sledge hammer to the
box, etc.

I'm surprised that everybody is upset by *this* when the *real*
security threat is the fact that most people routinely log on and surf
the Net with an account that has admin privledges. If everbody stopped
doing just that, anti-virus software vendors would go out of business,
because no one would need their products.

Regards,
Bob Young
Software EWngineer
San Jose, CA.