...To in some versions Windows2000/XP into shining it without further possible To his, as User with eingeschräkten Rechten or as Guest in a computer einzulogen and then seinem own Account Administrationsrechte To and give so the complete Sicherheitssystem useless To make. Microsoft shining the trouble in the running of XP recognized to have, because with neueren versions (Sicherheitsupdates) of XP exists these Possibility not any more - I had first to, me so on a Computerzeitschrift To wenden; I see therefore for now but none reason More and überlasse it IF, evtl. further Maßnahmen To grasp, if it necessary appear (survey).
Bugfixes there - but caution! at that actual trouble, the behind this Sicherheitslücke standing, deals it itself for a generelles Konstruktionsproblem Windows, the well not To fixen is. Angriffspunkte, The furthermore the whole Sicherheitssystem switch off, could eachone service supplying, of a own Window created.
How erkenne I, whether my Betriebsystem for so a Attacke a Angriffspunkt supply?
the Program [...]  from the Profanwettbewerb 2006 eignet itself very well moreover, around the To to check on.

under windows2000 must the service mstasks no Window having, around the system sure To make. sees the whole so from,
is the computer not sure.

under WindowsXP must the service winlogon no Window having, around the system sure To make. sees the whole so in the manner from,
is the computer not sure.

As I said, except for CSRSS could eachone service, of a own Window created (z.B. Firewall, Virenscanner, Sicherungsprogramme) whom demise the Rechners and sämtlicher geheimer data mean. who genauere Auskünfte needed, can me under the Telefonnumer 05422/46946 achieve - Please short Text on the answering machine talk, in the rule take I then immediate ex and beantworte gladly closer ask to the Topic and give Tipps To further Tests. Please no E-Mails write, have none Internetanschluß!

Please, Please, Please answers possible numerous The untenstehende survey...

Hello Andreas
...and why sees The thing by me so from ??? - windows-XP

Hello Horst,
klick time in the downstairs Window on processes, Threads and Dlls (@Andreas:the writes one incidentally without apostrophe!!!)
Windows XP SP2 XProfan X4
... und hier mal was ganz anderes als Profan ...

so, I had now opportunity, me WindowsXP Servicepack 2 accurate to examine and the To investigating, what there gefixt watts.

1.) Microsoft has well recognized, that eachone service with a Window one extremes Sicherheitsloch darstellt and has accordingly The Services the OS accordingly changed.

2.) The WM_TIMER Message can itself vernünftigerweise not any more of users Send, the Fix for shining in the USER32.DLL To lying.

How sure is windows2000 / XP now really?
in the moment stops I it thoroughly for possible, that one pfiffiger Proghrammierer the, what Microsoft there in the User32.DLL gefixt has, in the own Process again cancel could. Desweiteren have I some Messages and APIs in the suspicion, ähnliches beweirken to, How WM_TIMER - i'll the still debug. would be itself this Befürchtung bewahrheiten, could too many Grafiktreiber Sicherheitslöcher present. ATI and NVIDIA produce ditto in her Services Fenster; the only good is - these Services loading The SHELL32.DLL not .
in the moment sees windows for me almost like a Schweizer cheese or chart house from, with the one einziger train on the right place the gesammte ausgeglügelte Gebilde the windows-safety to that collapse bring could - the would a Supergau cause, against whom sämtlich bislang written viruses only ridiculous wirken would. eachone normal colleagues of/ one firm could on sämliche secret data one Firmenrechners gelangen, eachone Vrus could itself (How under windows98) on each place the Registry write - one surfing as User with eingeschränkten Rechten would no safety More afford.
and the erschreckenste on it: I have (within of/ one hour) a application written, The very already To into Anfänge of WindowsXP into can => till lately was windows means in none point sure and a leises Pusten had whom Supergau schlechthin causes ... Very, very beunruhigend; very, very bad.

so, now my Please: I need Support!
If I hereon looks, what me in the last half-way year everything been successful is, stops I it thoroughly for possible, that me further Opportunities to The Flinte come, a such Supergau To cause.
Since I none Internetanschluß have, need I somebody, the his windows2000 or XP system ongoing with the latest Sicherheitsupfdates and Servicepacks vesorgt and itself with want with me on The Public contact, for a sicheres windows To achieve. The Applications, The I there evtl. zuschicken will be, can in none point on strangers Rechnern using go - i'll me means very very consider, with whom I there zusammenarbeite (Frank Abbing would me there in the moment particularly right - have you got interest, Frank? ).
it is not absolutely necessary, me in anybody point at Ausfindigmachen of Sicherheitslücken To help - I drive each day ca. a hour bicycle, circa to work To come - and there falls me in the rule so plenty Blödsinn one, that I the in a day none everything try can...

[quote:c10489ex3d] The Applications, The I there evtl. zuschicken will be, can in none point on strangers Rechnern using go - i'll me means very very consider, with whom I there zusammenarbeite (Frank Abbing would me there in the moment particularly right - have you got interest, Frank? ).[/quote:c10489ex3d]
Huch, wieso I?
naturally would I you help. Have only presently Problems with Festplatte and computer. withal Neuinstallation over ands over again CRC-Error, no idea why. my System is presently means not so up-to-date.
If you niemanden find, help I you but gladly.
in the autumn I will me a new computer add.

Wichztig is me, the there nothing into incorrect Hands unit. self the I bislang here have, could into incorrect Händen already a small Kathastrophe trigger. I stops you simply for somebody, the not simply losgeht circa any computer To creak circa what kaputzubekommen...
Desweiteren wealth I your MASM Kenntnisse, The I in moment sometimes too gladly had. first thing I will you AMP.EXE zuschicken, one small Program the except for the latest Servicepack of XP and 2000 really on all computer the complete Sicherheitssystem aushebeln and the eingeloggten User to that Admin can make. ought to I nothing further for others Servicepacks find, becomes it with this Program stay - I suspect but, that I too The creak can.
As I said - hochbrisant. On none drop so Dummheiten make, only testing.

so, over again I:
any XP versions under WindowsXP Servicepack2 shine not sure To his. In TNT have I a new Testmöglichkeit for these Sicherheitslücke installed. If one on a Thread a Rechtsklick in that Treeview a Message sends, appear with one unsure system a Messagebox. who these Messagebox sees, can safely tick, that it one Window has, though it Perhaps keines find can (each others Window in a system service taugt too to that creak)..
on the computer, on the I now straight work, runs XP Servicepack 1.
i'm just in the Internetcaffee and I at last visiting to one Test whom Admin here hereon hingewiesen, the his system not sure is. it craved a proof - whom have I it given and me time even Adminrechte verliehen. of course taugte here the Winlogon Process not for a Attacke (god white Why), but the Process for Zeitüberwachung tuts indeed .
As I said - very, very gravely....

[quote:42646b50c1=Jörg Sellmeyer]Hello Horst,
klick time in the downstairs Window on processes, Threads and Dlls (@Andreas:the writes one incidentally without apostrophe!!!)[/quote:42646b50c1]
never mind, personal note ...


[quote:a5533c882d]Wichztig is me, the there nothing into incorrect Hands unit. self the I bislang here have, could into incorrect Händen already a small Kathastrophe trigger. I stops you simply for somebody, the not simply losgeht circa any computer To creak circa what kaputzubekommen...
Desweiteren wealth I your MASM Kenntnisse, The I in moment sometimes too gladly had. first thing I will you AMP.EXE zuschicken, one small Program the except for the latest Servicepack of XP and 2000 really on all computer the complete Sicherheitssystem aushebeln and the eingeloggten User to that Admin can make. ought to I nothing further for others Servicepacks find, becomes it with this Program stay - I suspect but, that I too The creak can.
As I said - hochbrisant. On none drop so Dummheiten make, only testing. [/quote:a5533c882d]
all right and promised. though own I my computer already any Adminrechte .
best mail dus on my alternative Mailadresse with GMX: nordwind256@gmx.de

Hello Andreas
Interesantes Topic !

as far as i know can the as Administrator in the Registry Change,which as
not Amin not any more changed go can or?


HKEY_LOCAL_MACHINE system CurrentControlSet Control Lsa

create tappt im dunkeln here a new entry with the names RestrictAnonymous as Datentyp REG_DWORD. settle tappt im dunkeln this worth on 1. the further there yet whom entry RestrictAnonymousSam as Datentyp REG_DWORD, whom tappt im dunkeln on 1 settle should.


Alfred with family
WinXP-Home ,XProfan10

Alfreds ... Freeware :  [...] 

[quote:4978b8f0d9=Alfred wainwright]Hello Andreas
Interesantes Topic !

as far as i know can the as Administrator in the Registry Change,which as
not Amin not any more changed go can or?


HKEY_LOCAL_MACHINE system CurrentControlSet Control Lsa

create tappt im dunkeln here a new entry with the names RestrictAnonymous as Datentyp REG_DWORD. settle tappt im dunkeln this worth on 1. the further there yet whom entry RestrictAnonymousSam as Datentyp REG_DWORD, whom tappt im dunkeln on 1 settle should.


Alfred with family[/quote:4978b8f0d9]
hopefully talk we now not together past:
there my Program in the Endeffekt not of me carryed out becomes, separate of a service (one Program, not of currently eingelogten User carryed out becomes, separate in the rule of Betriebsystem-Account), becomes one there well not plenty take on can - it be whom, You forbid the group Administratoren the Change of Accounts .

[quote:baf5bcaa7e=Frank Abbing]Hi.
all right and promised. though own I my computer already any Adminrechte .
best mail dus on my alternative Mailadresse with GMX: nordwind256@gmx.de[/quote:baf5bcaa7e]
Mach I, is same on the way...

the Program Please only in a Account started, whom You directly for this Test prepares have (User with eingeschränkten Rechten). there the Account to the Attacke evtl. integral More rights has as one Admin, this Account Please to the Test absolutely again delete!

to that Program: integrally supra frindest You one Static, the you indicating, whether your computer knackbar or not.
under standing one Treeview in the (How with TNT) processes, Threads and Window select go can. dial You one Window from, is the Button attackieren clickable. The processes, The You in the Treeview see, are Services (others processes go not displayed).
click You whom Button attackieren on, becomes the attacked Window visible made and (if everything works) appear on the Window one dialog -> if none appear, others Process dial.
in this dialog gives itself self one Text one (nothing Change) - thereafter Please OK pressing.
as mnächstes checks the program, whether it Access to whom Desktop has and there one Window create can.
a) is this the case, appear one Window with two Buttons, with them You select can, whether You the Benutzermodul or a others Process started want (both Perhaps test times)... .
b) can no Window prepares go, becomes the Account, with the You you eingeloggt have, The group Administratoren added. thereafter go your Token yet all Privilegien verliehen, The I to Time know and the computer new launched. Loggst You you then again your Useraccount with eingeschränkten Rechten one, are you suddenly lokaler Administrator and must everything, what a Admin so must +D-- .

alike whether the Proggi with you functions or not, gib it Please under none Umständen on Dritte moreover and teste it only there, where You particularly The permit moreover have (understand itself of self, think I).

what would like I gladly of you know:
1.) whom Text in static integrally supra in the program.
2.) On which Windowsversion (2000/XP) and welchem Servicepack You the thing tested have.
3.) which(n) service(s) have you got to that creak verwendet; where has it worked, and where not. shows the Static on, that your computer sure is, must You these thing naturally not manage.

In of my Mail there More About the Program and I to Time try...

so, once more to the Windows:
Window under WINLOGON.EXE scheints go ahead give, if at least one User one Password has. there one creak one Rechners quite pointless is, if the Admin quite no Password has, starte I time a new survey => Result is verfälscht.


