Media Gone Mad

Tuesday, 25 February 2003, 12:16 PM EST

"Windows XP Kills Dog, Steals Toaster"

That's the next headline I'm expecting to read after wallowing through a week of technology press misreporting about the latest security issue in Windows XP -- an "issue" that's really nothing of the sort.

At the center of this shameful tempest in a teapot is the Windows Recovery Console (RC), which by design allows you to boot up a damaged system and access supported file systems like FAT and NTFS.

The perceived issue, which started its life on Brian Livingston's Web log and spun out of control from there, comes from the fact that if you boot the Win2k Recovery Console on a machine loaded with XP, it dumps you out to a command prompt without asking you for the XP administrator password.

News flash: this is expected, and desirable, behavior. The Win2k RC can't read the XP registry, so it thinks it is a corrupted Win2k installation. When it can't verify the SAM, it bails out to the console. Administrators want this behavior. If you have an installation on which some third-party driver has hosed the registry, the Recovery Console will allow you to attempt to fix it. That's what "Recovery Console" means.

[ Read more ]


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th