[11184] in bugtraq
Windows 2000 Encrypting File System Security
daemon@ATHENA.MIT.EDU (Microsoft Product Security Respons)
Thu Jul 29 18:46:40 1999
Message-Id: <D1A11CCE78ADD111A35500805FD43F580197929E@RED-MSG-04>
Date: Thu, 29 Jul 1999 08:25:27 -0700
Reply-To: Microsoft Product Security Response Team <secure@MICROSOFT.COM>
From: Microsoft Product Security Response Team <secure@MICROSOFT.COM>
X-To: "bugtraq@securityfocus.com" <bugtraq@securityfocus.com>,
"ntbugtraq@listserv.ntbugtraq.com"
<ntbugtraq@listserv.ntbugtraq.com>
To: BUGTRAQ@SECURITYFOCUS.COM
There has been a great deal of discussion regarding a paper that recently
was released, discussing purported vulnerabilities in the Encrypting File
System for Windows 2000. However, after analyzing the attack scenarios,
we've found that they rely on the EFS Recovery Agent having made a critical
error -- the EFS Recovery Key must be left on the machine, contrary to the
recommendations in the documentation. If the recommended security practices
are followed, the attack fails and EFS data remains secure. We have posted
a more detailed discussion of the subject at
http://www.microsoft.com/security/bulletins/win2kefs.asp.
Regards,
Secure@microsoft.com
