Full Disclosure mailing list archives

Re: Windows user privileges


From: devis <devis () easynix net>
Date: Thu, 25 Nov 2004 01:37:08 +0100

So it looks like MS itself will settle that one:

[quote]
-------------------------------------------
[snip]

Amongst the many things this malware does, all of which require admin rights, are:

   * Creating files in the system32 directory.
   * Terminating various processes.
   * Disabling the Windows Firewall.
   * Downloading and writing files to the system32 directory.
   * Deletes registry values in HKLM.

All these fail if the user running the e-mail client is not an administrator.

So wouldn't it be useful (read: safer) if you could browse the Web, read e-mail, and so on as a non-admin, even though you need to perform your normal daily tasks as an admin?
__________________________________________________________

[end quote]

by Michael Howard (Senior Security Program Manager in the Secure Engineering group at Microsoft).

The DropMyRights Application.

http://msdn.microsoft.com/security/securecode/columns/default.aspx?pull=/library/en-us/dncode/html/secure11152004.asp

This should be pushed as an update, and the shortcut steps described in the link automated.

BTW, after a cracked sound application for creating .wav, in that one we've got: Location: C:\warez\dropmyrights.exe "c:\program files\internet explorer\iexplore.exe"

C:\warez ..... no comments.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
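
One way to automate the shortcut change the post asks for, as an added example that is not part of the original message or of Microsoft's column. It rewrites desktop shortcuts for internet-facing programs into the `dropmyrights.exe "<target>"` form shown above. The install path `C:\Tools\dropmyrights.exe`, the list of executable names and the choice of the desktop folder are assumptions.

```powershell
# Added example: wrap internet-facing desktop shortcuts with DropMyRights.
# Assumptions: the DropMyRights path, the executable list and the folder below.
param(
    [string]$DropMyRights  = 'C:\Tools\dropmyrights.exe',
    [string]$ShortcutDir   = ([Environment]::GetFolderPath('Desktop')),
    [string[]]$TargetNames = @('iexplore.exe', 'outlook.exe', 'msimn.exe')
)

if (-not (Test-Path -LiteralPath $DropMyRights)) {
    throw "DropMyRights not found at $DropMyRights"
}

$shell   = New-Object -ComObject WScript.Shell
$wrapped = 0

Get-ChildItem -LiteralPath $ShortcutDir -Filter *.lnk | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    if (-not $lnk.TargetPath) { return }            # no file target, nothing to wrap

    # Shortcuts already wrapped point at dropmyrights.exe and fall through
    # this check, so the script can be run repeatedly.
    $exe = Split-Path -Leaf $lnk.TargetPath
    if ($TargetNames -notcontains $exe) { return }

    # Only the form shown in the post (one quoted path) is produced, so
    # shortcuts that carry their own arguments are reported, not rewritten.
    if ($lnk.Arguments) {
        Write-Warning "Skipped (has arguments): $($_.Name)"
        return
    }

    # Keep the application's icon once the target becomes dropmyrights.exe.
    if (-not $lnk.IconLocation -or $lnk.IconLocation -like ',*') {
        $lnk.IconLocation = "$($lnk.TargetPath),0"
    }

    $lnk.Arguments  = '"{0}"' -f $lnk.TargetPath
    $lnk.TargetPath = $DropMyRights
    $lnk.Save()
    $wrapped++
    Write-Output "Wrapped: $($_.Name)"
}

Write-Output "$wrapped shortcut(s) now start through DropMyRights."
```

Programs started some other way (file associations, the Start menu, links opened from other applications) are not covered by rewriting desktop shortcuts.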