Introducing Neowin BLUE Theme + New Logo
Posted by Steven Parker on 18 December 2001 - 19:16 · no comments & 115 views
About the Author
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google
You are all right in saying this.. this is being looked at server side and we hope to have it resolved soon. What we have been able to do is give y'all a new theme courtesy of xpfreak currently we only have blue complete. Bear with us as we change our style sheets, scrollbars and colors to match.. I look forward to hearing your opinions on this as we change all our colors to this new format.
At this point, without logging in, and as long as the user session is still alive, any local user has the ability to start any program assigned to the hot key -- no matter what permissions.
This leads to a host of situations where the range of results could be just merely an annoyance (dozens of browsers open) or actual exploitation. Local users could execute an known vulnerable application (such as some sort of daemon) and exploit it remotely as it is running under administrative priveledges. That is, of course, if a daemon is actually assigned to the a hot key.
There are limitations in this situation though. Hot keys are disabled once logged in as an account besides that of the first/administrative. And to my knowledge so far, there is not a way to get the program to execute and be available on any desktop besides that of the first/administrative.
Fixes:
- Disable hot keys.
- Microsoft has been notified and a patch should be available soon