[21566] in bugtraq
RE: W2k: Unkillable Applications
daemon@ATHENA.MIT.EDU (Kaido Karner)
Tue Jul 17 12:08:08 2001
Reply-To: <kaido@tradenet.ee>
From: "Kaido Karner" <kaido@tradenet.ee>
To: "Bugtraq Mailing List" <bugtraq@securityfocus.com>
Cc: "Thomas Zehetbauer" <thomasz@hostmaster.org>
Date: Tue, 17 Jul 2001 09:32:44 +0200
Message-ID: <NBBBKGKBKLABCDJMJELCEEEJIAAA.kaido@tradenet.ee>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20010716185921.B21654@hostmaster.org>
> Although these processes were and are still protected by their ACL (Access
> Control List) Microsoft is now using case-insensitive string comparison to
> determine whether a process belongs to the operating system.
did you try?
> You can now call you favorite trojan winlogon.exe and task
> manager will not only refuse to terminate it but will also incorrectly
state that it is a
> critical system process.
did you try? I did .. W2k pro task manager does not look the
application/executable name ..
kaido
