Reply to post: Re: Server 2003

Patch now: Design flaw in Windows security allows hackers to own corporate laptops, PCs

Ken Hagan Gold badge

Re: Server 2003

If I understand it correctly (and posting here is the easiest way to find out), your internet cafe customer would have to be connecting to an SMB share that had been made available on the public internet (not via VPN). Furthermore, to let the attacker use fake group policy to take over your machine, you'd have to be logging into a domain via the public internet. If you are doing either, then I don't think you give a monkeys about security and you are probably already running a rootkit both on the client and the DC.

It's an interesting case, but I think there's a reason why the design flaw went unnoticed for 25 years.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon