Hi!
BinaryBrother wrote: To Dev:
There's nothing "secure" about firing a plain-text password through a command-line parameter. Randomly generated or not.
I used the Sethc.exe injection trick on my system with a modified TaskMgr [requires authentication - still] so I could pull out of problematic situations like these.
If you argue with hacking tools, you might also install a key logger to grab a real user's password.
BinaryBrother wrote: If you don't have a backup plan [like I did], there's no way out of this situation without logging WOUTempAdmin out, effectively stopping updates midstream [same as a hard-reset], which is not advised. You might be able to wait for the system to automatically finish, but the presence of a blocking error could escalate the issue to a damaged OS, rather than an outdated one. ;P
No, it's not like a hard reset. Running processes are waited on until they finish (or time out).
It's more like you reboot a machine during "Online Update" - not recommended but usually no disaster.
BinaryBrother wrote: This is a very risky situation. Given that the password is stored in plain-text, same as no password at all as far as any security standard is concerned, I would recommend using a known password for the generated account.
I disagree with this.
A random password isn't chosen to increase security for the time of updates' installation.
During updating, a computer is completely open to anyone who gets physical access to it, regardless of random or known password, because of the Autologon.
A random password is chosen to increase security afterwards.
If you choose a known password and the deletion of the "WOUTempAdmin" account fails for any reason, during cleanup or caused by the interruption scenario mentioned above, an administrative account with a known password will remain in the system, created by this software.
That's unacceptable in my opinion.
Regards
Torsten Wittrock
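
The failed-cleanup case discussed in this thread can be checked for after an update run. The following PowerShell is an added example, not part of the posts above and not code from the update tool; the function name `Test-TempAdminLeftover` is hypothetical, and it assumes the Autologon mentioned in the thread is configured through the standard Winlogon registry values.

```powershell
# Added example: look for leftovers of the temporary admin account after an update run.
# Assumption: Autologon was set up via the standard Winlogon registry values.
$AccountName = 'WOUTempAdmin'   # account name as given in the thread
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Test-TempAdminLeftover {
    param([string]$Name = $AccountName)

    $findings = @()

    # 1. Does the local account still exist?
    $user = Get-LocalUser -Name $Name -ErrorAction SilentlyContinue
    if ($user) {
        $findings += "Local account '$Name' still exists (Enabled=$($user.Enabled))."

        # 2. Is it still an administrator? The well-known SID S-1-5-32-544
        #    is used so the check also works on localized Windows versions.
        $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue
        if ($admins | Where-Object { $_.SID.Value -eq $user.SID.Value }) {
            $findings += "'$Name' is still a member of the local Administrators group."
        }
    }

    # 3. Is Autologon still configured, and is a password still stored with it?
    $wl = Get-ItemProperty -Path $WinlogonKey -ErrorAction SilentlyContinue
    if ($wl.AutoAdminLogon -eq '1') {
        $findings += "AutoAdminLogon is still enabled for user '$($wl.DefaultUserName)'."
    }
    if ($wl.PSObject.Properties.Name -contains 'DefaultPassword') {
        # Report presence only; never print the stored value.
        $findings += 'A DefaultPassword value is present under the Winlogon key.'
    }

    return $findings
}

# Run from an elevated prompt once the update run has finished.
$result = Test-TempAdminLeftover
if ($result) {
    $result | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "No leftovers of '$AccountName' or its Autologon settings found."
}
```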