Tech content trusted by users in North America and around the world
6,418 Reviews & Articles | 42,804 News Posts
TRENDING NOW: NVIDIA acquires Valve, announces Half-Life 3 release for 2016

Exploit allows administrator command prompt to launch at login screen

Microsoft has left an unpatched exploit in the latest version of Windows 8.

| Hacking & Security News | Posted: May 29, 2012 4:29 pm

Microsoft has left an unpatched exploit in Windows 8 Consumer Preview. The exploit works on Windows 7, Windows Server 2008 R2 and Windows 8 Consumer Preview and has been documented and known for a while. The details of the exploit are pretty simple and can be done in under a minute if one is a fast typist.




The general idea behind the exploit is to be able to run an elevated command prompt without even being logged in. It works by making a simple change in the registry so that when sticky keys is activated it launches the command prompt instead. The hack is virtually undetectable as all it is is a simple change in registry value.


To do the exploit one only needs to open command prompt once on the target PC and enter the code below. Once done, the hacker can return to the workstation at any point later in time and launch an administrator level command prompt just by pressing shift 5 times in a row. This could be of a serious nature for many different people, especially a business.


REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionssethc.exe" /v Debugger /t REG_SZ /d "C:windowssystem32cmd.exe"


Microsoft, at the time of writing, has yet to issue a statement regarding the exploit.


Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Up Or Down