Microsoft Windows2000 discovers significant security vulnerabilities

zhaozj2021-02-08  257

When the login interface moves the cursor to the username input box, press the CTRL SHIFT button on the keyboard. At this time, the input method state strip will appear in the default installation state, move the mouse to the input method, click the right button, appear Select Help in the dialog box, select an operation guide or input method (Microsoft's pinyin input method and smart ABC do not have this option), and a few buttons appear in the Operation Guide or Input Method, the key is the option button. If you are not installing the Windows2000 system of Service Pack 1 or IE5.5, click the Option button with the left mouse button, select the home page in the dialog that appears, at this time, there will be an IE browser interface on the right side of the appearing help window. This page cannot be displayed, with a link to detect network settings, click on it, the network settings will appear, you can make any modifications to the network settings or even control panels. Use the left mouse button to click the option button, select the Internet option in the dialog that appears, you can also make any modifications to the home page, link, security, advanced options. The most serious is to use the mouse button to click the option button will have a dialog box, select a jump to the URL, there will be a dialog box, where there is a jump to the URL input box, enter the path you want to see, such as C : / Then then display the interface display of the resource manager C drive at the right side of the appearing help window, you are already system administrator privileges to do anything about the data you see, so you will go around After the WINDOWS2000 login verification mechanism!

If the service pack 1 or IE5.5's Windows2000 system is installed, the network setting option is not executed, but the Internet option is still executable. The resource manager interface can still appear. By path input, all files in all folders can be seen, but they can not be operated directly, but we can still right-click the file with the mouse button. The clips and file selection are deleted, completely delete (with SHIFT ", rename, and send to floppy disk, etc., can even format the disk! Or right-click on the blank selection web or thumbnail look, you will have a disclosure of some files that can be displayed. Also, we can also use the mouse to click on the drive letter or any folder on the upper left corner of the resource manager, or you can see any file, select Sharing in the dialog box that appears in the folder, and the conversation appears in a single file. Select Properties in the box, you can add shared permissions, such as Everyone, you can choose full control options, as long as this machine can remotely log in to all data over the network! That is to say, no matter whether it passes through the network or physically close to a computer with a Windows2000 system, then we can control everything!

This vulnerability exists in a Windows2000 system having a variety of input methods. After such an abnormal operation, there will be various program running errors from normal logins. The temporary solution is: Select the input method area option in the area option in the control panel, select the Enable taskbar check box, leave all the input methods you are best at, all the input methods, where the internal code is Input method must be deleted! Since the following method is invalid, then use the left mouse button on the taskbar to click the input method to click the input method icon to select the Close input method.

转载请注明原文地址:https://www.9cbs.com/read-1351.html

New Post(0)