WinXP's little-known hotkey vulnerability

  
Tips: Two concepts 1. A hotkey is a key and a set of keys used to launch a program or use a function of a program. A key can include F1, F2, or some Special keys, such as the DELL keyboard, "internet", "mail", and other keys that are not on the general keyboard, the most common are mainly some combination keys, the most familiar hotkey for people who use QQ is "ctrl+~&rdquo ; combination key, used to open a quick view of the sent information. There are also many hotkeys that can be used to open programs. These hotkeys can be set up by themselves. After setting, they can be used to open various programs. You can determine the rules for each program's settings, so that you can effectively use the hotkey function. For example, according to the first letter of the program, after setting, you can easily open the notebook with “ctrl+Alt+N”, open Word with “ctrl+Alt+W” for those who are For those who are particularly dependent on tools, such a way of opening a program is very convenient and is therefore widely used. 2, winxp "self-deregistration" function in the office, we often need to temporarily leave, and put the computer on the desk, which means that the information is sneaked or lost or even more serious consequences, so there is Screen saver, if you set a password, then in general, others will not be able to move your computer. This ensures security. In winxp, it provides a feature that we call "self-logout" (that is, automatic logout), which is similar to the screen saver, after your computer has been in a static state for some time. It automatically logs out, but this "logout" is a fake logout, all your background programs are still running, there is almost no difference before the logout, which leaves a hidden danger. The vulnerability description hotkey function is a service provided by the system (specifically, open the program, use the program's hotkey). During the startup process until the login interface, the service has not been executed. When you log in as a user, this The function is only started, after execution, the user can use the hotkey of the user's own settings (including some default hotkeys). Suppose a user (he has the identity of an administrator and logs in as an administrator) has something to leave for a while, thinking that he will be back soon, but then he was forced to return immediately, and his computer was exposed to unprotected conditions. Next, at this time winxp (the computer operating system mentioned here refers to winxp, and the operating system does not set the screen saver and the corresponding password) is very smart to automatically implement the "self-deregistration". If this kind of cancellation is really written off, then this security measure is obviously very good, but as mentioned before, this kind of cancellation is fake, although others can not enter your desktop, can not see your computer What's in the room, but they can also use the hotkey because the hotkey service has not stopped. At this time, a hostile and experienced person can use these hot keys to do something. The easiest way is to open N big programs to destroy your machine, open and use a program, especially some related to the network. Sensitive program (and service) …… actually this computer is controlled by him half, as long as he has enough imagination … … security measures, in fact, we have to admit that the above vulnerability is being used to actually make The probability of destructive things is very small, it needs a lot of "what if" is established, but as a loophole, it is actually there, not afraid of 10,000, just in case, just like &ldquo CDautorun", as far as we know, it has not really been used to cause damage, but the possibility of this breach of security is really there, so in many public places (such as Internet cafes), this feature is turned off. of.
Copyright © Windows knowledge All Rights Reserved