Serious vulnerability found in Windows 8 password storage

Posted: September 21, 2012 in Vulnerability News
Tags: Windows 8, vulnerability, authentication

A Windows 8 administrator can reveal the passwords of other users.

Experts at the company Password Recovery Software (PRS) have discovered a serious vulnerability in the new Windows 8 authentication mechanisms, specifically the picture password and PIN sign-in methods. Picture authentication in Windows 8 lets the user choose any photo and then perform a sequence of gestures on it using the touch panel, for example drawing a line between a hand and a nose or making a circle between two specific points in the image. Repeating these gestures exactly confirms the user's identity to the system.

The problem with these authentication methods is that they sit on top of a standard user account. “In other words, the user must first create an account with the usual password, and then, if desired, use PIN or picture authentication,” PRS notes. If either alternative sign-in method is chosen, the account passwords are encrypted with the AES algorithm and stored in the Windows password vault at %SYSTEM_DIR%/config/systemprofile/AppData/Local/Microsoft/Vault/4BF4C442-9B8A-41A0-B380-DD4A704DDB28.

This folder contains the account's security identifier (SID) and its plaintext password. Notably, the stored plaintext password is not bound to the PIN or picture credential, so any user with administrator privileges can easily gain access to it.

Experts point out that storage of local and network passwords together with the SID was first implemented in Windows 7. In Windows 8 this storage gains new capabilities while losing some old ones. For instance, Internet Explorer 10 can keep website passwords in it, but that storage is protected only by DPAPI. The PRS alert can be found here.
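As an added defender-side check, not part of the PRS alert or this post, the PowerShell below lists which principals hold Allow entries on the Vault folder named above and whether a read-audit rule is set on it. It assumes that %SYSTEM_DIR% in the post means %SystemRoot%\System32, and it must run in an elevated session to read the ACL and SACL.

```powershell
# Added example (not from the PRS alert): audit who can read the Vault folder
# named in the post. Assumption: %SYSTEM_DIR% means %SystemRoot%\System32.
$VaultId   = '4BF4C442-9B8A-41A0-B380-DD4A704DDB28'
$VaultPath = Join-Path $env:SystemRoot "System32\config\systemprofile\AppData\Local\Microsoft\Vault\$VaultId"

# Principals expected to hold rights on the system profile's vault.
$Expected = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')

function Get-UnexpectedVaultAccess {
    param([string]$Path = $VaultPath)
    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Vault folder not present: $Path"
        return @()
    }
    # Discretionary ACL: every Allow entry for a principal outside $Expected
    # widens the set of accounts that can reach the stored credentials.
    $acl = Get-Acl -LiteralPath $Path
    $acl.Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       $Expected -notcontains $_.IdentityReference.Value } |
        Select-Object @{n='Identity';  e={ $_.IdentityReference.Value }},
                      @{n='Rights';    e={ $_.FileSystemRights }},
                      @{n='Inherited'; e={ $_.IsInherited }}
}

function Test-VaultAuditRule {
    param([string]$Path = $VaultPath)
    # System ACL (SACL) entries produce Object Access audit events once
    # "Audit File System" is enabled in the local security policy.
    $sacl  = Get-Acl -LiteralPath $Path -Audit
    $rules = $sacl.Audit | Where-Object { "$($_.FileSystemRights)" -match 'Read' }
    return [bool]$rules
}

$extra = Get-UnexpectedVaultAccess
if ($extra) { $extra | Format-Table -AutoSize }
else        { 'Only SYSTEM and Administrators hold Allow entries on the Vault folder.' }
if (-not (Test-VaultAuditRule)) { 'No read-audit rule on the Vault folder; consider adding one.' }
```

Because the weakness described in the post is that any administrator can read the vault, the ACL check confirms that no further principals have been granted access, and the audit check gives you a record of which admin accounts actually read it.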

Windows 8 authentication
