On 2010-03-08 Andrew Barkley wrote: > The following illustrates how one can easily disable ZoneAlarm's > security for whatever malevolent purposes. This "vector" so to speak, > is merely "abusing" a particular branch of the Windows registry, by > registering this security service as disabled. When "exploiting" this > "vector" (administrative privileges are assumed Anything starting with "a user with administrative privileges can ..." is neither a vulnerability nor a design flaw. Administrators can by design do anything they want on the system. Period. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
