CVE-1999-1431
Microsoft Zero Administration Kit - Policy Bypass via Office 97 Explorer Launch
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-1431. PoCs published by Satu Laksela.
AI-analyzed exploit summary This is a technical writeup describing a bypass method for Zero Administration Kit (ZAK) restrictions on Windows NT. It explains how users can circumvent application execution policies by leveraging Microsoft Office's File:Open dialog to launch Windows Explorer and execute forbidden applications.
Description
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
Exploits (1)
This is a technical writeup describing a bypass method for Zero Administration Kit (ZAK) restrictions on Windows NT. It explains how users can circumvent application execution policies by leveraging Microsoft Office's File:Open dialog to launch Windows Explorer and execute forbidden applications.