> There exist a vulnerability in rdisk which causes the contents of the > registry hives to be exposed to Everyone during updating of the repair info. Which can be trivially fixed by revoking Everyone's ACE from %SystemRoot%\repair. What's the fuzz? There're more serious holes in default ACLs... Andy.
- RDISK registry enumeration file vulnerability in Windows NT ... Arne Vidstrom
- Andy Polyakov
