dijexi.com

By default all Microsoft Windows NT based operating system exposes hidden administrative shares options, which allowing the administrator of a machine to access the machine via the network. The administrative shares are:

• C$: To access to a partition or root directory. Other partitions available on your computer are also accessible via their letter, followed by the character "$", for example D$, E$, etc
• ADMIN$: To access to% systemroot%, to manage a machine on the network
• IPC$: Allowing the communication network between processes
• PRINT$: Remote access to printers.

So by default you can access all files in drive C: by simple connecting it by typing \\yourcomputer\C$ on Start – Run… menu or Windows Explorer.

For some security constraints, it may be necessary to remove access to administrative shares.

Read more…

Image via Wikipedia

From Microsoft Security Advisory (972890) Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution (2009-Jul-06) :

Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention. Read more…

SAN JOSE, Calif (AP) — Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn’t fixed yet. The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software. Read more…