Hey All,
yet again another possible security flaw... suprised ??? i didnt think you would be

A security flaw recently revealed in Microsoft Corp.'s Windows XP could enable unauthorized users to access password-protected PCs.
Using the Windows 2000 CD, anonymous users can apparently boot up a computer with the Windows XP OS and call up the troubleshooting program Windows 2000 Recovery Console.
Using the program's system recovery routine, the unauthorized user can then work under the guise of a Windows XP Administrator, effectively rendering any passwords useless. The flaw affects all XP user accounts, password-protected or not -- visitors can then access files from the hard drive and copy to any removable media.

the rest of the story Here