IT Pro Today is part of the Informa Tech Division of Informa PLC

INFORMA PLC|ABOUT US|INVESTOR RELATIONS|TALENT

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Documents Online Events Advertise About

Newsletter Sign-Up

Cloud

Recent in Cloud

SEE ALL Cloud

Laws and regulations with padlock on cloud icons on laptop computer, blue tone

Cloud Security

Cloud Security Assurance: Is Automation Changing the Game?Cloud Security Assurance: Is Automation Changing the Game?

byKlaus Haller, Data Center Knowledge

Sep 6, 2024

6 Min Read

code-filled DevOps symbol in front of more code

DevOps

Unlock Business Value Through Effective DevOps Infrastructure Management Unlock Business Value Through Effective DevOps Infrastructure Management

byIndustry Perspectives

Sep 6, 2024

7 Min Read

Recent in OS

See All OS

A cartoon of a person sitting at a computer, with speech bubbles—one from the person saying Hello and one from the computer responding with Hello

PowerShell

PowerShell Speech Recognition: How To Set up Voice Commands and Responses PowerShell Speech Recognition: How To Set up Voice Commands and Responses

byBrien Posey

Sep 6, 2024

10 Min View

a laptop infected with a virus and above it the words linux ransomware

Linux OS

Linux Ransomware Threats: How Attackers Target Linux Systems Linux Ransomware Threats: How Attackers Target Linux Systems

byGrant Knoetze

Sep 4, 2024

8 Min Read

IT Mgmt

Recent in IT Mgmt

See All IT Mgmt

person placing a block between two columns of blocks

IT Management

Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?

byNathan Eddy

Sep 7, 2024

7 Min Read

code-filled DevOps symbol in front of more code

DevOps

Unlock Business Value Through Effective DevOps Infrastructure Management Unlock Business Value Through Effective DevOps Infrastructure Management

byIndustry Perspectives

Sep 6, 2024

7 Min Read

Career

Recent in Career

See All Career Mgmt

person placing a block between two columns of blocks

IT Management

Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?

byNathan Eddy

Sep 7, 2024

7 Min Read

"Gen Z" written on wooden tiles

Career Tips

The Gen Z Guide to Getting Ahead at Work The Gen Z Guide to Getting Ahead at Work

byThe Washington Post

Sep 2, 2024

6 Min Read

Storage

Recent in Security

See All IT Security

Laws and regulations with padlock on cloud icons on laptop computer, blue tone

Cloud Security

Cloud Security Assurance: Is Automation Changing the Game?Cloud Security Assurance: Is Automation Changing the Game?

byKlaus Haller, Data Center Knowledge

Sep 6, 2024

6 Min Read

code-filled DevOps symbol in front of more code

DevOps

Unlock Business Value Through Effective DevOps Infrastructure Management Unlock Business Value Through Effective DevOps Infrastructure Management

byIndustry Perspectives

Sep 6, 2024

7 Min Read

Dev

Recent in Dev

See All Software Dev

a stack of servers with a "no" symbol over it

Software Development Techniques

Serverless Is Trending Again in Modern Application Development Serverless Is Trending Again in Modern Application Development

byForrester Blog Network

Sep 5, 2024

5 Min Read

brown paper peeled back to reveal the word "accessibility?

IT Operations

Building an Accessible Future in the Private Sector Building an Accessible Future in the Private Sector

byIndustry Perspectives

Sep 3, 2024

5 Min Read

Recent in DX

See All Digital Transformation

person using chatbot with laptop at work

AI & Machine Learning

Slack: There Are Five Types of AI Users Slack: There Are Five Types of AI Users

byLisa Schmeiser, No Jitter

Sep 6, 2024

3 Min Read

a robot hand puts the letters 'AI' to the word sustainable

AI & Machine Learning

AI and the Green Market Revolution Will Intertwine AI and the Green Market Revolution Will Intertwine

byForrester Blog Network

Sep 6, 2024

4 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

semiconductor

High Performance Computing

Taiwan Accuses China of 'Poaching' Talent From Its Tech Firms Taiwan Accuses China of 'Poaching' Talent From Its Tech Firms

byBloomberg News

Sep 3, 2024

1 Min Read

quantum computing abstract concept

High Performance Computing

Quantum Computing ‘Making Progress Faster Than Expected’Quantum Computing ‘Making Progress Faster Than Expected’

byIoT World Today, Enter Quantum

Aug 9, 2024

2 Min Read

Newsletters
How To…?
Industry Perspectives
Business Resources
Reports/Research
Online Events

Live Events
Videos
White Papers
Advertise With Us
About Us

Resource Library

IT Security

FoolProof Desktop Security Can be Bypassed

By simply renaming files, a malicious user can bypass the security implemented by FoolProof Desktop Security.

Steve Manzuik

December 7, 2000

1 Min Read

Reported December 8, 2000 by Bryan Hughes

VERSIONS AFFECTED

DESCRIPTIONA vulnerability has been identified in FoolProof Desktop Security. The vulnerability lies in the way that the software restricts certain programs by its common executable name.

By default, FoolProof does not protect command.com from being launched. A malicious user can use the command-line FTP client supplied by default in Windows 9x installations to download other restricted programs, such as copy.exe, that are simply renamed to something else.

DEMONSTRATION

For example, if a malicious user places a copy of xcopy.exe on a renamed FTP server, such as xxx.exe, FoolProof does not prevent the user from launching the program.

VENDOR RESPONSE

The vendor has been contacted, but no response has been received. It is recommended that users reconfigure FoolProof Desktop Security not to allow access to the command prompt. FTP clients should be restricted also.

CREDITDiscovered by Bryan Hughes

About the Author

Steve Manzuik

See more from Steve Manzuik

Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

Newsletter Sign-Up

Editor's Choice

drawings of people with different colored brains

IT Management

Embracing Neurodiversity in IT Workplace to Bridge Talent Gaps Embracing Neurodiversity in IT Workplace to Bridge Talent Gaps

byNathan Eddy

Sep 2, 2024

6 Min Read

circuit board inside a cloud

Cloud Computing

Microclouds: The Next Big Thing in Cloud Computing or Just Another Edge Strategy?Microclouds: The Next Big Thing in Cloud Computing or Just Another Edge Strategy?

byChristopher Tozzi

Sep 5, 2024

4 Min Read

a laptop infected with a virus and above it the words linux ransomware

Linux OS

Linux Ransomware Threats: How Attackers Target Linux Systems Linux Ransomware Threats: How Attackers Target Linux Systems

byGrant Knoetze

Sep 4, 2024

8 Min Read

Exclusive ITPro Resources

Migrating From VMware: Guide to a Successful Transition
September 3, 2024
|
1 Min Read
Developing Immersive HoloLens Apps (Download Your Free Guide)
August 26, 2024
|
1 Min Read
Data Privacy Quick Reference Guide
July 17, 2024
|
1 Min Read
ITPro Today 2024 IT Salary Survey Report
June 20, 2024
|
1 Min Read