There has been a great deal of discussion regarding a paper that recently was released, discussing purported vulnerabilities in the Encrypting File System for Windows 2000. However, after analyzing the attack scenarios, we've found that they rely on the EFS Recovery Agent having made a critical error -- the EFS Recovery Key must be left on the machine, contrary to the recommendations in the documentation. If the recommended security practices are followed, the attack fails and EFS data remains secure. We have posted a more detailed discussion of the subject at http://www.microsoft.com/security/bulletins/win2kefs.asp. Regards, [EMAIL PROTECTED]
Windows 2000 Encrypting File System Security
Microsoft Product Security Response Team Thu, 29 Jul 1999 14:47:37 -0700