Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: ZoneAlarm Security Circumvention
.

  • To: [EMAIL PROTECTED]
  • Subject: Re: ZoneAlarm Security Circumvention
  • From: Ansgar Wiechers <[EMAIL PROTECTED]>
  • Date: Mon, 8 Mar 2010 22:56:17 +0100
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]>
.
 
On 2010-03-08 Andrew Barkley wrote:
> The following illustrates how one can easily disable ZoneAlarm's
> security for whatever malevolent purposes. This "vector" so to speak,
> is merely "abusing" a particular branch of the Windows registry, by
> registering this security service as disabled. When "exploiting" this
> "vector" (administrative privileges are assumed

Anything starting with "a user with administrative privileges can ..."
is neither a vulnerability nor a design flaw. Administrators can by
design do anything they want on the system. Period.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.