Full Disclosure mailing list archives
Re: Windows user privileges
From: devis <devis () easynix net>
Date: Thu, 25 Nov 2004 01:37:08 +0100
So it looks like MS itself will settle that one: [quote] ------------------------------------------- [snip]Amongst the many things this malware does, all of which require admin rights, are:
* Creating files in the system32 directory. * Terminating various processes. * Disabling the Windows Firewall. * Downloading and writing files to the system32 directory. * Deletes registry values in HKLM.All these fail if the user running the e-mail client is not an administrator.
So wouldn't it be useful (read: safer) if you could browse the Web, read e-mail, and so on as a non-admin, even though you need to perform your normal daily tasks as an admin?
__________________________________________________________ [end quote]by Michael Howard (Senior Security Program Manager in the Secure Engineering group at Microsoft).
The DropMyRights Application. http://msdn.microsoft.com/security/securecode/columns/default.aspx?pull=/library/en-us/dncode/html/secure11152004.aspThis should be pushed as an update and the steps of shortcut described in the link automatised.
BTW, after cracked Sound application for creating .wav, in that one we've got : Location: C:\warez\dropmyrights.exe "c:\program files\internet explorer\iexplore.exe"
C:\warez ..... no comments. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Windows user privileges Todd Towles (Nov 20)
- Re: Windows user privileges GuidoZ (Nov 20)
- <Possible follow-ups>
- RE: Windows user privileges Sandeep Singh Rawat (Nov 22)
- RE: Windows user privileges Paul Schmehl (Nov 22)
- RE: Windows user privileges rp (Nov 22)
- RE: Windows user privileges Phillip R. Paradis (Nov 23)
- Re: Windows user privileges James Tucker (Nov 24)
- Re: Windows user privileges devis (Nov 25)
- RE: Windows user privileges Paul Schmehl (Nov 22)