mailing list archives
Re: Windows user privileges
From: devis <devis () easynix net>
Date: Thu, 25 Nov 2004 01:37:08 +0100
So it looks like MS itself will settle that one:
Amongst the many things this malware does, all of which require admin
* Creating files in the system32 directory.
* Terminating various processes.
* Disabling the Windows Firewall.
* Downloading and writing files to the system32 directory.
* Deletes registry values in HKLM.
All these fail if the user running the e-mail client is not an
So wouldn't it be useful (read: safer) if you could browse the Web, read
e-mail, and so on as a non-admin, even though you need to perform your
normal daily tasks as an admin?
by Michael Howard (Senior Security Program Manager in the Secure
Engineering group at Microsoft).
The DropMyRights Application.
This should be pushed as an update and the steps of shortcut described
in the link automatised.
BTW, after cracked Sound application for creating .wav, in that one
we've got :
Location: C:\warez\dropmyrights.exe "c:\program files\internet
C:\warez ..... no comments.
Full-Disclosure - We believe in it.