Month: November 2007

Windows Vista Backdoor Logon

Windows Vista’s backdoor method works by exploiting the “Ease of Access” button at the bottom left of the Windows Vista Logon screen. Normally when the icon is clicked we get a choice of options such as Narrator, Magnifier, etc. The way to exploit this is by replacing any one of the files with your own…


Windows URI protocol handling vulnerability

This is an interesting vulnerability first got published at the end of July 2007 but really brought to light at the end of October 2007. Spammers exploited this vulnerability by sending a specially crafted URI (Uniform Resource Identifier) containing a “%” character and ending with a certain extension (e.g. “.bat” or “.cmd”). Internet Explorer 7…