Media Gone Mad

Tuesday, 25 February 2003, 12:16 PM EST

"Windows XP Kills Dog, Steals Toaster"

That's the next headline I'm expecting to read after wallowing through a week of technology press misreporting about the latest security issue in Windows XP -- an "issue" that's really nothing of the sort.

At the center of this shameful tempest in a teapot is the Windows Recovery Console (RC), which by design allows you to boot up a damaged system and access supported file systems like FAT and NTFS.

The perceived issue, which started its life on Brian Livingston's Web log and spun out of control from there, comes from the fact that if you boot the Win2k Recovery Console on a machine loaded with XP, it dumps you out to a command prompt without asking you for the XP administrator password.

News flash: this is expected, and desirable, behavior. The Win2k RC can't read the XP registry, so it thinks it is a corrupted Win2k installation. When it can't verify the SAM, it bails out to the console. Administrators want this behavior. If you have an installation on which some third-party driver has hosed the registry, the Recovery Console will allow you to attempt to fix it. That's what "Recovery Console" means.

[ Read more ]


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th