Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Windows Vista Recovery Console and the Password

Windows Vista Recovery Console and the Password

  • Comments 5
  • Likes

Every once in a while I am left scratching my head. Over the last few days a few blog postings have popped up on a subject and I am at a loss to understand why. I’m not the only one – several security industry colleagues have been in touch and have said they are just as puzzled.

The subject in question is that the Windows Vista installation medium and especially the Recovery Console of it is the biggest vulnerability of Vista. Why? Well because the Recovery Console on the installation medium does not require a password anymore and makes the whole disk accessible.

So I wanted to give my perspective, and that of a number of security industry colleagues both inside and outside of Microsoft:

  1. There are the 10 Immutable Laws of Security. Law #3 says: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore. This is well known by everybody having just the slightest security knowledge. There are a lot of tools on the web, where you can boot from and access a disk. Being it Linux distributions, Windows PE, or any other OS that can mount an NTFS partition.
  2. If you have physical access to a disk you can attach it to any computer and mount the disk from there to access the data.
  3. We have a process called "Security Development Lyfecycle" where all the decisions which concern security have to be approved by the Secure Windows Initiative Team. The decision to remove the password was taken in this process and approved there. The reason is an obvious one: This password does not add any security - not a tiny little bit. But it added a lot of hassle: A lot of times, where you would need the Recovery Console, the disk is corrupt in one way or an other. This might lead to the point, where the Recovery Console does not find the Windows installation any more and therefore not Registry and therefore no password and therefore no Recovery Console. As this adds no security but a lot of problems we removed it. This was a conscious decision.
  4. Finally, if you want to protect your computer, do what we said since a long time: Use a BIOS password, use disk encryption (like Bitlocker) and/or EFS. I am using these technologies and am not afraid at all by the whole discussion.

So, I understand that this is scary for people not being too deep in security but as I said: I was pretty surprises that it was even taken up by security sites.

Any comments?

Roger

Comments
  • Well, isn't this obvious? This is known since a long time and a base of every defense in depth concept you are building.

    If there are really security companies supporting statements around this, you probably shoudl think twice

  • Roger's Security Blog : Windows Vista Recovery Console and the Password: http://blogs.technet.com

  • Basic steps that all users should take notice off.

  • Basic steps that all users should take notice off.

  • What OS are you having?

    On xp you can try this:

    Boot computer and press Ctrl+Alt+Delete twice when you See Windows welcome screen / login screen. It'll show classic login box. Now type "Administrator" (without quotes) in username field and leave password field blank, press Enter and you should be able to login Windows.

    Now you can reset your account password from "Control Panel -> User Accounts".

    On win 7 or vista:

    Ctrl+Alt+Delete won't work, you have to use some windows password recovery software. I recommend Windows Password Recovery Tool 3.0 .

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment