From mikedoug@texas.net Sun Aug 25 15:18:42 1996 Received: from staff1.texas.net (mikedoug@staff1.texas.net [206.127.0.38]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id PAA07485 for ; Sun, 25 Aug 1996 15:18:28 +1000 Received: from localhost (mikedoug@localhost) by staff1.texas.net (TxNet/8.7.5) with SMTP id AAA09007; Sun, 25 Aug 1996 00:17:55 -0500 (CDT) X-Authentication-Warning: staff1.texas.net: mikedoug owned process doing -bs Date: Sun, 25 Aug 1996 00:17:55 -0500 (CDT) From: Michael Douglass To: SekrtyXprt@aol.com cc: best-of-security@suburbia.net Subject: Re: BoS: Gaping Security Hole In-Reply-To: <960825000843_393312675@emout07.mail.aol.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII On Sun, 25 Aug 1996 SekrtyXprt@aol.com wrote: > It has come to my attention that there is a security hole in Windows 95 that > allows any user to bust out of a passworded screen saver. I checked this out on a friend's machine, and found that this hole does not appear to be present in the built-in screen savers that come with the OEM Release 2 (in post-final beta form now), aka the new Win95. So it is safe to assume that Microsoft knows about it, but just didn't feel it would be wise to tell anyone. Michael Douglass Texas Networking, Inc. "To be a saint is to be an exception; to be a true man is the rule. Err, fail, sin if you must, but be upright. To sin as little as possible is the law for men; to sin not at all is a dream for angels." - Victor Hugo, "Les Miserables"