Oxygen3 24h-365d [File locking in Windows NT and 2000 - 12/19/01]
SecuriTeam has reported at windowsntfocus that Windows NT 4.0 and 2000 are affected by a file locking problem that could invalidate security policies established by administrators.

The problem arises when an application puts an exclusive lock on a file. When this happens, no further locks can be put on the file. The file locking mechanism does not check for file permissions or the mode in which the file is opened before locking it, which means that it's possible for an application with read-only access to lock it exclusively.

In Windows NT and 2000, if a file is locked exclusively by an application, no other application can access the file, irrespective of whether it is trying to lock the file or not. This can provoke denial of service situations. For example, a user without privileges can stop security policies and logon scripts; prevent the screensaver from being used and therefore stop another user from locking the computer; and even deny access to other users.
This newsletter arrived to me this morning and I found it interesting enough to want to share it with other people aswell. This "feature" from Microsoft can a be nice way for "people" to use when gaining access to a system .