Nytro Posted February 24, 2015 Report Posted February 24, 2015 Bypassing Windows Lock Screen via Flash ScreensaverFebruary 23, 2015Adrian FurtunaWe have recently discovered an easy method to bypass the Windows Lock screen when a flash screensaver is running.The method allows an attacker to gain unauthorized access to a user’s Windows session if he has physical access to a locked machine.Background infoWhen a user leaves his computer (ex. during a lunch break), he should lock his session in order to prevent other people from doing actions on his behalf.Some computers, mostly in corporate environments, are configured to play a flash animation as screensaver while the computer is locked. This configuration is done by specifying a path to a .scr file that should be played by the flash player – using the following registry key:HKEY_USERS\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXEArticol complet: http://securitycafe.ro/2015/02/23/bypassing-windows-lock-screen-via-flash-screensaver/ Quote
