Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Reviews

    You Can Drive a Bus Through Some Windows 7 Holes

    By
    Andrew Garcia
    -
    August 15, 2009
    Share
    Facebook
    Twitter
    Linkedin

      One thing new with Windows 7 RTM since the Release Candidate — is that the default administrator account is now disabled by default (the account was also disabled in Vista SP1 and SP2). When Windows 7 (Ultimate x64 in my case) is installed, the user creates a personal log-in and password, and this account is automatically made part of the local Administrators group. At the same time, a second Administrator user account gets created in the background with no password, but the account is disabled by default. In the RC this account was enabled, but no more. *

      I discovered this little tidbit as I configured my system for least privilege user mode. After I slid the UAC (User Account Control) slider bar to maximum protection, I logged into the Local Users and Groups dialog to change the name of the Administrator account and add a password. Unfortunately, I failed to notice the account was disabled by default. As a result, once I deleted the Administrators group membership from my personal account, I found I had therefore locked myself out of the ability to access any UAC-protected tools — such as Computer Management or Add/Remove Programs. As there was no active Administrator account in my case, both UAC and RunAs were useless and there was no active Admin account with which I could actively log on.

      Then I learned Microsoft only went halfway with this significant change, and, man, the other half is really badly done.

      photo.jpg

      As a last recourse, I rebooted and hit F8 during the OS load to get to the Advanced Boot Options. I selected Windows 7’s new “Repair Your Computer” option, which loads a slimmed-down user interface for the recovery tool. I selected my account with my limited rights credentials from a drop-down menu and was presented with a single option: Startup Repair. The tool ran a series of diagnostics — it didn’t say what at that time, but I later learned it was running file-system, disk and registry validation checks — then presented me with the option to restore the computer using System Restore. I was not allowed to select which System Restore settings to use, although the system appeared to use the most recently saved settings.

      The restore was completed, and voila, permissions were returned to a workable state. Upon further investigation, however, I found that in the preboot environment I could also log in and effect changes using the otherwise disabled local Administrator account, but only under certain circumstances. Specifically, when no other local administrator accounts are present, the disabled Administrator account appears in the log-in drop-down box and can be suddenly be accessed. And as I mentioned above, even after all these years of Microsoft receiving criticism for this lack of attention to security, the Administrator account has no password by default.

      An admin logging into the recovery tool has a lot more options at his or her disposal, too. As an admin, I could perform the same auto-fix tests, perform System Restores with the ability to select the settings to use, run a System Image Recovery event to restore from a disk backup, run memory diagnostic tests or access the command line for more possible actions. And from the command line I could change drives over to the main drive (from the pre-executable one) and read anything I wanted, even copy it to a USB stick and take it with me.

      Certainly, we know that a data thief with physical access to the machine typically means game over. Boot to a LiveCD or a USB stick that can see into NTFS (NT File System), and thieves can take whatever they want. The usual countermeasures are then to block boot from CD or USB at the BIOS, and put a BIOS password on the system. But, heck, now Microsoft puts in the hacking tools for you — no need for third-party boot media.

      Users could protect themselves by fully encrypting the drive with BitLocker so the intruder only sees garbage. Oh, wait, that’s only for Ultimate and Enterprise customers, not the vast majority of people who will use Home Premium. Never mind.

      Honestly, it’s hard to take Microsoft seriously about the security of its products when you can drive a bus through some of their holes. I know the circumstances of this case were a little unique (who among you plan to remove your admin rights?), but in my book, disabled should mean disabled. Microsoft should NOT be creating as default an admin account with no password, then opening up the account for use in certain situations.

      Word to the wise: Even though that admin account is disabled, do yourself a favor and put a password on it. You probably won’t regret it.

      * Updated to correct some comparisons with Vista.

      Andrew Garcia
      Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at agarcia@eweek.com.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×