A flaw has been found by a researcher, Vinoo Thomas, from McAfee about Windows’ StickyKeys feature.

The bug can be used to trick users on launching unauthorized machine in Windows Vista. Attackers can replace a file named as sethc.exe, which launches the StickKeys feature, to another program of their choice.

This flaw existed in Windows 200 and XP.

He wrote that, as a solution, “one can uninstall the Accessibility Tools feature, which is installed by default, to avoid this fairly simple, yet potentially serious built-in backdoor.”

“And don’t forget to hit the shift key five times and see what pops up on your desktop,” he added.

Microsoft has not yet responded on this issue.

Source: PC WORLD India