Windows Vista may be Microsoft's most secure operating system to date, but researchers are still finding some glaring loopholes for hackers to exploit. Here is the latest: all you need is a Vista Install DVD to get admin level access to a hard drive.

The loophole arises because the Command Prompt tool in Vista's System Recovery Options fails to request user name or passwords before handing over access to PCs running the operating system. The hack, discovered by security researcher Kimmo Rousku, only works locally. Physical access to a target PC is a must. Even so, the potential for mischief (such as deleting directories or copying files on targeted PCs) is enormous. Hackers don't even necessarily need to run a DVD. "It’s easy to create a bootable USB flash memory that works in a similar way," Rousku notes.

A write-up by Rousku explains the issue in detail and suggests workarounds.

Anti-virus firm F-Secure notes that getting into PCs running Windows XP Home is also straightforward, at least in default set-ups, using a different trick. "The Administrator account password for XP Home is blank by default and is hidden in Normal Mode. But if you select F8 during boot for Safe Mode, you can access the Administrator account and have complete access to the computer," F-Secure notes. ®

Related stories

• Microsoft security engineer makes top-10 worst jobs list (27 June 2007)
• Program Names govern admin rights in Vista (23 April 2007)
• Researchers unpick Vista kernel protection (4 April 2007)
• Feds mandate 'secure' Windows set-up (22 March 2007)
• Review Vista security overview: too little too late (20 February 2007)
• Review Vista first look: Bugs and confusion (14 February 2007)
• How to install a Vista upgrade on any PC (12 February 2007)
• Security watchers lambast Vista (5 February 2007)
• Vista encryption 'no threat' to computer forensics (2 February 2007)
• MS fast-tracks Vista service pack (26 January 2007)
• VeriSign offer bounty on Vista and IE7 bugs (11 January 2007)