Preparation knowledge: two concepts
1, hotkey
Hotkey is used to start a program or use a program One key and one set of keys of the item function, one key can include F1, F2 function keys, or some special keys, such as "internet" on the DELL keyboard, "
mail" and other general keyboards The most common key is the combination key. The hotkey that is most familiar to people using QQ is the “ctrl+~” key combination, which is used to quickly and easily view the sent information. There are also many hotkeys that can be used to open programs. These hotkeys can be set up by themselves. After setting, they can be used to open various programs. You can determine the rules for each program's settings, so that you can effectively use the hotkey function. For example, according to the first letter of the program, after setting, you can easily open the notebook with "ctrl+Alt+N" and open Word with "ctrl+Alt+W". For those who are particularly dependent on a tool, this is the case. The way to open the program is very convenient, so it is widely used.
2, winxp "self-cancellation" feature
in the office, we often need to temporarily leave the look, while hanging in the computer desk, so that means that information is peep or Lost even more serious consequences, so with a screen saver, if you set a password, then in general, others will not be able to move your computer. This ensures security.
In winxp, it provides a feature that we call "self-logout" (that is, automatic logout), this function is similar to the screen saver, and it has been on your computer for a while. It automatically logs out after the quiescent state, but this "logout" is a fake logout, all your background programs are still running, there is almost no difference before the logout, which leaves a hidden danger.
Vulnerability Description
hotkey function is a service provided by the system (specifically refers to open the hotkey program, use the program), the boot process until the login screen, the service has not been implemented, This feature is only enabled when you log in as a user. After execution, the user can use the hotkeys of the user's own settings (including some default hotkeys).
Suppose a user (he has the identity of an administrator and logs in as an administrator) has something to leave for a while, he thought he would be back soon, but he was forced to get back soon, and his computer was Exposed to the case of no protection, then winxp (the operating system of the computer mentioned here refers to winxp, and the operating system does not set the screen saver and the corresponding password) is very smart to automatically implement the "self Logout." If this kind of cancellation is really written off, then this security measure is obviously very good, but as mentioned before, this kind of cancellation is fake, although others can not enter your desktop, can not see your computer What's in the room, but they can also use the hotkey because the hotkey service has not stopped.
Then a hostile and experienced person can use these hotkeys to do some things, the simplest procedures such as opening a big N to destroy your machine, you can open and use a program, In particular, some sensitive programs (and services) related to the network...
In fact, this computer is half controlled by him, as long as he has enough imagination...
Security Countermeasures< BR>
In fact, we have to admit that the above vulnerability is being used to make really destructive things. The probability is very small. It requires a lot of "hypothesis", but as a loophole, it is Really exist, not afraid of 10,000, just in case, just like "CDautorun", as far as we know, it has not been used to cause damage, but the possibility of this breach of security is really there. So in many public places (such as Internet cafes), this feature is turned off.
In order to improve the performance of the server, many network administrators have done RA
Internet Explorers favorites are a collection of our favorite websites, but if one day we re
Speaking of hardware configuration files, many friends have ignored its role in Windows XP, in fact,
In My Computer, sometimes you will encounter such a situation, double-click the dr
Close the problem after the winXP automatic update should be noted
Four technologies that make WinXP performance superior
Learn this Add security mode to the XP boot menu!
Little-known latest XP ten cool skills
Check for missing vacancies: four ways to quickly locate files (2)
XP LAN settings and inaccessible solutions
Several ways to quickly implement WinXP system shutdown
Let the low version of Windows also implement XP's EFS encryption system
Anatomy of the eight ultimate weapons in Windows XP SP2
Retrieving Win XP System Language Bar Lost Solution Three Cases
Win7 system soudmax.dll error repair skills
Securing Win 2003 Domain Controllers
Where is the Win8 Modern application installation folder?
What should I do if the WinXP IE homepage cannot be modified?
Microsoft pushes WP8 first update
Win10 system UWP tile generation method
Where is the Win8 Media Center?
How to make XP programs support Windows 7 system
How to close the "Program Compatibility Assistant" in Win8/Win8.1
How to turn off data execution protection in Windows Server 2003