Windows XP self-logoff feature

A hotkey is a key and a set of keys used to start a program or use a function of a program, and a key can include f1,f2 these function keys, or some special keys.


1, Hot Key

A
hotkey is a key and a set of keys used to start a program or to use a function of a program. A key can include f1,f2 these function keys, or some special keys, such as "Internet" on the Dell Keyboard, "Mail" and other keys on the general keyboard, The most common is a number of key combinations, the most familiar use of QQ hotkey is "ctrl+~" key combination, used to open a quick view of the information sent.


also has a number of hotkeys that can be used to open programs, these hotkeys can be set up, can be used to open a variety of programs, you can set the rules for each program, so you can effectively use the hotkey function, such as according to the first letter of the program to name, so after setting, you can easily use the " Ctrl+alt+n "Open Notepad and use" ctrl+alt+w "to open Word, the way to open a program is convenient and is widely used for people who are particularly dependent on a tool.


2, WinXP "Self logoff" feature

When
was in office, we often need to leave for a while, and put the computer on the desk, which means that the information is seen or lost even more serious consequences, so there is a screen saver, if you set the password, then under normal circumstances, people can not move your computer. This will ensure security.


in WinXP, it provides a feature that we call "self logoff" (that is, automatic logoff). This feature is similar to the screen saver, where your computer automatically logs off after a period of inactivity, but this "logoff" is a fake logoff and all of your background programs are still running. , with no cancellation before the very little difference, which left a hidden danger.


Vulnerability Description

The
hotkey function is a service provided by the system (specifically, to open the program, use the hot Key of the program), in the boot process has been to the login interface, the service has not been implemented, when you log in as a user, this function just started, after the implementation, users can use their own settings (including some default hotkey ) Hot Key.


Suppose a user (who has the identity of an administrator, and to the administrator login) something to leave for a while, originally thought to come back soon, but then the matter was forced not to return immediately, his computer is exposed to no protection, then WinXP (the computer operating system mentioned here refers to WinXP, and the operating system does not have the screen saver and the corresponding password installed, it is very smart to automatically implement the "Self logoff."


If this cancellation is really logged out, so this security is obviously very good, but as mentioned earlier, this logoff is fake, although others have not been able to get into your desktop, do not see what you put in your computer, but they can also use hotkeys, because the hot key service has not stopped. (material)


then a hostile and experienced person can use these hotkeys to do something, the simplest example is to open n large programs to destroy your machine, and you can open and use a program, especially some network-related sensitive programs (and services) ...


actually the computer is half his control, so long as he has enough imagination ...


Security Countermeasures


In fact, we have to admit that the vulnerability is very small to be exploited to really do destructive things, it needs a lot of "assumptions", but as a loophole, it is real, not afraid of 10,000, just in case, like "Cdautorun", as far as we know, It has not been really used to sabotage, but the possibility of this security breach is real, so in many public places, such as Internet cafes, this feature is turned off.