How can Windows XP be a security issue in your organization?

Windows XP  is going to expire.  As much as you want to hold on to it, it is going away.   And after more than a decade,  its updates will end in the next year or so as it fades away.  Many people we talk with are missing updates or they plan on holding on.  Here’s something your users may be doing to you without your knowledge if you have Windows XP.

If you fail to disable the command prompt, a user with limited rights can go to a command prompt by typing cmd.

At the command prompt, the user then types taskmgr

The user then ends explorer.exe under the processes tab and then types at (they enter the time in 24 hour format and add a minute or two to the current time) /interactive cmd.exe

Example:   Current time is 23:09:00

The user then types: at 23:10:00 /interactive cmd.exe 

They then can exit and wait for the time they entered.   A command prompt will open and the user can then Go to file on the Task Manager and enter explorer.exe (Explorer will now restart). The user is now operating as an administrator.  The user can add users, install programs and do what they want.

How do you fix this?

Simple – upgrade to Windows 7 or disable the command prompt.

We do not support malicious use of any device.   This tutorial shows how someone can bypass the Administrator’s account.  This is for the readers’ awareness and methods to prevent this should be used to prevent these actions.

Disabling the Command Prompt

Start > Run and type gpedit.msc. Then go to:
User Configuration > Administrative Templates > System

Home Edition?  Use the registry.

HKEY_CURRENT_USER > Software > Policies > Microsoft > Windows > System

In the right panel you have the DWORD value DisableCMD. Change the value 0×00000001.


About these ads

2 comments on “How can Windows XP be a security issue in your organization?

  1. Daddy Hensley says:

    April 8 2014 is the last date I heard on XP expiring..If you heard something else I would like to know.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s