CVE
- Id
- 3082
- CVE No.
- CVE-2001-0261
- Status
- Candidate
- Description
- Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.
- Phase
- Proposed (20010404)
- Votes
- ACCEPT(3) Baker, Bishop, Frech | NOOP(3) Christey, Cole, Ziese | REJECT(1) LeBlanc | REVIEWING(1) Wall
- Comments
- Bishop> Sounds like Microsoft just confirmed it! | Christey> The description should make the point that the original files | are in plaintext. | LeBlanc> The preconditions needed to obtain the clear-text backup file | are that the user must be able to read the raw disk. Only administrators | or those with physical access can read the raw disk. An admin could | alter the operating system such that anything a user did would be | available, even EFS information (since the admin can cause processes to | run as any user who is logged on currently). Thus even if this issue | were not present, the same set of preconditions would lead to access to | the same information. In the case of physical access, scrubbing the disk | should be viewed only as raising the bar - information can be recovered | even from overwritten sectors. Additionally, coverage of a file might | not be complete - in the case where a file is truncated, then encrypted, | there could be sectors with file information that the operating system | would have no knowledge of at the time the encryption occurred, and | there is no practical way to wipe these. Considering all the realities | of the situation, the only real-world solution is to create files you"d | like encrypted in a directory marked for encryption. | CHANGE> [Baker changed vote from REVIEWING to ACCEPT]
