McAfee: Vista's StickyKeys feature may be abused
On March 12, 2007, a McAfee researcher said that features in Windows were designed to simplify calculations for people with disabilities that could be abused in Vista.
According to McAfee researcher Vinoo Thomas, attackers can use this feature (StickyKeys) to trick users into "unleashing" unauthorized software on a Vista computer.
StickyKeys will be activated when Windows users press the modifier key (like Shift or Alt) 5 times in a row. This makes the modifier "stick" more, so you can execute commands like Shift-F1 without having to press the two keys simultaneously.
To attack, the attacker must first access the machine and replace the sethc.exe file (used to activate StickyKeys) with some other executable files such as the Windows command utility.
According to Thomas, this backdoor vulnerability was found in Windows 2000 and Windows XP. To avoid this problem, uninstall (uninstall) the Accessibility Tools feature (which is installed by default).
- McAfee launches 2 new products
- Without a parent, the child is more likely to be sexually abused
- China dismisses McAfee's allegations
- McAfee detected 3 new zero-day Office errors
- McAfee: Rootkits are more and more unique
- McAfee: The safest '.gov' domain name
- McAfee accidentally fixes a serious error
- McAfee introduces new security products
- New discoveries about human empathy
- McAfee is sued for patent infringement
- McAfee cooperates with Skype
- McAfee security products make mistakes ... security