How can Windows XP be a security issue in your organization?

Windows XP  is going to expire.  As much as you want to hold on to it, it is going away.   And after more than a decade,  its updates will end in the next year or so as it fades away.  Many people we talk with are missing updates or they plan on holding on.  Here’s something your users may be doing to you without your knowledge if you have Windows XP.

If you fail to disable the command prompt, a user with limited rights can go to a command prompt by typing cmd.

At the command prompt, the user then types taskmgr

The user then ends explorer.exe under the processes tab and then types at (they enter the time in 24 hour format and add a minute or two to the current time) /interactive cmd.exe

Example:   Current time is 23:09:00

The user then types: at 23:10:00 /interactive cmd.exe 

They then can exit and wait for the time they entered.   A command prompt will open and the user can then Go to file on the Task Manager and enter explorer.exe (Explorer will now restart). The user is now operating as an administrator.  The user can add users, install programs and do what they want.

How do you fix this?

Simple – upgrade to Windows 7 or disable the command prompt.

We do not support malicious use of any device.   This tutorial shows how someone can bypass the Administrator’s account.  This is for the readers’ awareness and methods to prevent this should be used to prevent these actions.

Disabling the Command Prompt

Start > Run and type gpedit.msc. Then go to:
User Configuration > Administrative Templates > System

Home Edition?  Use the registry.

HKEY_CURRENT_USER > Software > Policies > Microsoft > Windows > System

In the right panel you have the DWORD value DisableCMD. Change the value 0x00000001.


About these ads

About TCAT Shelbyville IT Department

The Tennessee College of Applied Technology - is one of 46 institutions in the Tennessee Board of Regents System, the seventh largest system of higher education in the nation. This system comprises six universities, fourteen community colleges, and twenty-six Applied Technology Colleges.
This entry was posted in Computers and tagged , , , , . Bookmark the permalink.

2 Responses to How can Windows XP be a security issue in your organization?

  1. Daddy Hensley says:

    April 8 2014 is the last date I heard on XP expiring..If you heard something else I would like to know.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s