“A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password,” Asher Moses reports for The Sydney Morning Herald.
“Adam Boileau first demonstrated the hack, which affects Windows XP computers but has not yet been tested with Windows Vista, at a security conference in Sydney in 2006, but Microsoft has yet to develop a fix,” Moses reports.
MacDailyNews Take: Give Microsoft a break; they were very busy at the time artificially plumping Intel’s numbers while covering their own inefficient, bloated code deficiencies by slapping misleading Vista-capable stickers on POS PCs that were exceedingly Vista-incapable.
Moses continues, “Interviewed in ITRadio’s Risky Business podcast, Boileau said the tool, released to the public today, could ‘unlock locked Windows machines or login without a password … merely by plugging in your Firewire cable and running a command.'”
“Boileau, a consultant with Immunity Inc., said he did not release the tool publicly in 2006 because ‘Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn’t want to cause any real trouble,'” Moses reports. “But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website.
Full article here.