Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Windows user privileges
From: devis <devis () easynix net>
Date: Thu, 25 Nov 2004 01:37:08 +0100

So it looks like MS itself will settle that one:

[quote]
-------------------------------------------
[snip]

Amongst the many things this malware does, all of which require admin rights, are:

   * Creating files in the system32 directory.
   * Terminating various processes.
   * Disabling the Windows Firewall.
   * Downloading and writing files to the system32 directory.
   * Deletes registry values in HKLM.

All these fail if the user running the e-mail client is not an administrator.

So wouldn't it be useful (read: safer) if you could browse the Web, read e-mail, and so on as a non-admin, even though you need to perform your normal daily tasks as an admin?
__________________________________________________________

[end quote]

by Michael Howard (Senior Security Program Manager in the Secure Engineering group at Microsoft).

The DropMyRights Application.

http://msdn.microsoft.com/security/securecode/columns/default.aspx?pull=/library/en-us/dncode/html/secure11152004.asp

This should be pushed as an update and the steps of shortcut described in the link automatised.

BTW, after cracked Sound application for creating .wav, in that one we've got : Location: C:\warez\dropmyrights.exe "c:\program files\internet explorer\iexplore.exe"

C:\warez ..... no comments.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]