Thanks Brad Wardell for emailing us :)
Stardock has made available a developer's release of LogonXP. LogonXP is a program that actually lets you create your own logons without having to distribute any EXE's. It is a freeware program that lets users simply modify the bitmaps in a directory and apply them like they would any other type of theme or skin.
This developer's release is designed for reasonably technical people (to create your own logon, just press the new button and it'll start you with the standard Windows XP logon that you can modify). Stardock LogonXP can also extract the bitmap and settings from most of the logonui's floating around the net.
Stardock LogonXP has been in development for the past several weeks, this is the first general public version of it. Users can submit comments and themes to Stardock's news server and shortly to the various customization sites.
LogonXP is freeware and Stardock is making the .logon format open for anyone to use as they see fit.
Download: LogonXP (Developer's release)
Screenshot: LogonXP
Screenshot: LogonXP
Stardock has made available a developer's release of LogonXP. LogonXP is a program that actually lets you create your own logons without having to distribute any EXE's. It is a freeware program that lets users simply modify the bitmaps in a directory and apply them like they would any other type of theme or skin.
This developer's release is designed for reasonably technical people (to create your own logon, just press the new button and it'll start you with the standard Windows XP logon that you can modify). Stardock LogonXP can also extract the bitmap and settings from most of the logonui's floating around the net.
Stardock LogonXP has been in development for the past several weeks, this is the first general public version of it. Users can submit comments and themes to Stardock's news server and shortly to the various customization sites.
LogonXP is freeware and Stardock is making the .logon format open for anyone to use as they see fit.
Download: LogonXP (Developer's release) Screenshot: LogonXP Screenshot: LogonXP
At this point, without logging in, and as long as the user session is still alive, any local user has the ability to start any program assigned to the hot key -- no matter what permissions.
This leads to a host of situations where the range of results could be just merely an annoyance (dozens of browsers open) or actual exploitation. Local users could execute an known vulnerable application (such as some sort of daemon) and exploit it remotely as it is running under administrative priveledges. That is, of course, if a daemon is actually assigned to the a hot key.
There are limitations in this situation though. Hot keys are disabled once logged in as an account besides that of the first/administrative. And to my knowledge so far, there is not a way to get the program to execute and be available on any desktop besides that of the first/administrative.
Fixes:
- Disable hot keys.
- Microsoft has been notified and a patch should be available soon
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.