- Jan 7, 2007
The problem lies in Microsoft's security rules assigned to the Windows Registry and the Security Account Manager. Both for some reason have reduced restrictions allowing any local user to fully access the files without administrator privileges.
This is even more critical of the Security Account Manager which holds all the account data -- including passwords -- of all users on the PC. Giving local users access to this private information can allow attackers to log into one of the administrator accounts for full control of the PC.
In the meantime, Microsoft has a manual workaround you can use to patch the issue.
no fix but a workaround is to delete shadowcopy. not sure if this requires hardware access.