New
#1
The netsh createalluserprofile parameter is writeable by any user
Yet another MS security wonder ?
I just connected to a wifi hotspot from a non-admin account on my laptop. Since it was only for testing purposes and with no intent of using it in the future, I decided to delete the wireless network profile once I've finished using it.
Most importantly, the createalluserprofile parameter is set to enabled=no. As far as I know, it means disabled.
So I begin the process :
WHAT ? I see the profile corresponding to the hotspot has been created as an all users profile. Seriously ? Isn't the createalluserprofile parameter supposed to give the option to restrict this to administrators only ? Hence I wasn't much surprised when I noticed I was able to delete said profile without admin rights.Code:netsh... wlan... show profiles...
It seems that making our PCs look like tablet computers is not enough, we get tablet grade security too. Amazing, in some sense !
So. Is there any way left to achieve this now, or is it gone forever ?