Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: SP2 vulnerability ?

  1. #1

    SP2 vulnerability ?

    hi all,

    i was browsing through my registry when i've found the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\
    the values in this key are:


    REG_DWORD AntiVirusDisableNotify 0 or 1
    REG_DWORD AntiVirusOverride 0 or 1
    REG_DWORD FirewallDisableNotify 0 or 1
    REG_DWORD FirewallOverride 0 or 1
    REG_DWORD UpdatesDisableNotify 0 or 1
    i think this might be interesting to people who want to disable a firewall remotely without the target owner knowing it

    better keep this key in mind!

  2. #2
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    lol, MS Security Center is a joke anyway. the name itself is an irony. i disabled mine, and stuck wid Norton. atleast i have more control with my Norton systems.

  3. #3
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    You can't disable a firewall by changing those registry values... all it does is turn off the Security Center notifications that you don't have a firewall, not turn off the actual firewall.

    Those keys come in handy if you have a firewall or AV installed that isn't recognized by the Security Center.

  4. #4
    You can't disable a firewall by changing those registry values... all it does is turn off the Security Center notifications that you don't have a firewall, not turn off the actual firewall.

    Those keys come in handy if you have a firewall or AV installed that isn't recognized by the Security Center
    i know, you have the option to turn off the alert in the security-center yourself, but this is a bit hard if your on a remote system, and what i meant, since there are other ways to turn of the firewall through the registry, this keys allows you to make sure the user didn't get notified...

    p.s. the link in "other ways" will only work if you have a login..


  5. #5
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    Hah... I thought you were thinking you could turn off the firewall itself by changing those values.
    I don't know if that's really a vulnerability, though... I don't see any other way to "fix" this, unless MS would make it impossible to turn off the Security Center (which would have to mean that unsupported firewalls/AV wouldn't run anymore without constant pop-ups).
    And wouldn't that also mean that every firewall out there is vulnerable because you have the option to shut it down?
    And it's still an extra step to take compared to XP without the Security Center...
    Just some thoughts

  6. #6
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    You can turn the fireall by registry key! I have the registry key at job but not on this PC... I'm looking at my registry now..

    5 Mins later! Here we go! This is for Xp Home... Might be different for XP Pro

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=dword:00000001
    -Simon \"SDK\"

  7. #7
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    SDK > The question was how is being able to turn off the Security Center's warnings a vulnerability?
    Your registry key doesn't do anything on my machine, btw... is this to turn off the internal firewall?

  8. #8
    Well, the biggest vulnerability in security-center is that it makes people believe that it is save, while at the same time you have this kind of options..

    if you would run just a firewall from a third party vendor, you would be a lot safer, since they don't usually have registry settings turning the firewall on or off...

    Negative> can you speak dutch? that's nice to know

  9. #9
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    Lepricaun > I'm Belgian

  10. #10
    that explains a lot!

    and i thought you came from texas, i don't believe they have a place called "texas" in belgium

    Well, it's nice to know...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •