Vista and StickyKeys
I just read this article from PCWorld about a McAfee researcher who says that StickyKeys could be used for bad by tricking users into launching unauthorized software. The attacker would have to replace the sethc.exe file with another that would be ran when the user was trying to get the StickyKeys to work.
Umm, am I just ignorant, or, couldn’t this be true of any program? If the attacker has to replace the program, then it has to be an inside job to start with, the researcher said he believes that it could be used by an inside attacker to bypass log-in on terminal servers and workstations.
If there is something I am missing here, someone please fill me in. Read the PCWorld article here.
In the blog post, here, he says it is because Windows does not check the integrity of the file that launches the StickyKeys program. So that would explain why it wouldn’t be the same for every program in Windows anyway, still don’t see why this is a vulnerability.