Welcome to MSDN Blogs Sign in | Join | Help

Why you shouldn't run as admin...

First, let’s define terms.  This may be oversimplifying, but for the purpose of this discussion there are only two types of users:  Administrators, and Users.  They are essentially distinguished by membership in the “Administrators” and “Users” local groups.  “Administrators” have complete and unrestricted access to the computer/domain.  “Users” are prevented from making accidental or intentional system-wide changes.

 

Narrowing down to two user types is not entirely arbitrary.  In fact, this is exactly how Windows XP Home Edition distinguishes users.  Under the hood, its Computer Administrators and Limited Users are members of Administrators and Users, respectively.  And besides, membership in groups such as “Power Users” or “Backup Operators” is tantamount to being an Administrator.  When I talk about running as non-admin, I am not suggesting running as Power User instead.

 

OK, so if you are one of those people who is allowed (or required) to administer your own computer, why wouldn’t you just want to log on as an admin all the time?  Well, if you were a surgeon, would you always want to hold an unsheathed scalpel in your hand?  Or would you prefer to keep it in a safe place until you actually need it?  Does that metaphor work?  How about “running with sharp scissors”?  Well, let’s skip the metaphors, then.

 

The #1 reason for running as non-admin is to limit your exposure.  When you are an admin, every program you run has unlimited access to your computer.  If malicious or other “undesirable” code finds its way to one of those programs, it also gains unlimited access.  A corporate firewall is only partial protection against the hostility of the Internet:  you still browse web sites, receive email, or run one or more instant messaging clients [added 2004.06.25] or internet-connected games.  Even if you keep up to date on patches and virus signatures, enable strong security settings, and are extremely careful with attachments, things happen.  Let’s say you’re using your favorite search engine and click on a link that looks promising, but which turns out to be a malicious site hosting a zero-day exploit of a vulnerability in the browser you happen to be using, resulting in execution of arbitrary code.  When an exploit runs with admin privileges, its ability to compromise your system is much greater, its ability to do so without detection is much greater, and its ability to attack others on your network is greater than it would be with only User privs.  If the exploit happens to be written so that it requires admin privileges (as many do), just running as User stops it dead.  But if you’re running as admin, an exploit can:

  • install kernel-mode rootkits and/or keyloggers (which can be close to impossible to detect)
  • install and start services
  • install ActiveX controls, including IE and shell add-ins (common with spyware and adware)
  • access data belonging to other users
  • cause code to run whenever anybody else logs on (including capturing passwords entered into the Ctrl-Alt-Del logon dialog)
  • replace OS and other program files with trojan horses
  • access LSA Secrets, including other sensitive account information, possibly including account info for domain accounts
  • disable/uninstall anti-virus
  • cover its tracks in the event log
  • render your machine unbootable
  • if your account is an administrator on other computers on the network, the malware gains admin control over those computers as well
  • and lots more

My #2 reason for running as non-admin applies to developers.  Developing software as User instead of Admin helps ensure that your software will run correctly on end-users’ systems.  Please, never again give me anything like Windows Messenger 4.x!  An admin had to install it, of course, but no user could use it until that user ran it at least one time with admin privileges.  That’s not even “an admin has to run it once before anyone else can”.  That would have been bad enough, but Messenger actually required that each user run it with admin privileges.  Completely inexcusable, and certainly attributable, at least in part, to devs running as admin.  Keith Brown’s upcoming book also drives this point home really well.  Some will argue that you should develop as admin and test as User.  I don’t believe this works as well.  Maybe I’ll drill down into that point in a future post.

 

My #3 reason applies just to Microsoft personnel, particularly those of us in customer-facing roles.  Hey, y’all!  We need to lead by example.  People look to us for best practices, for the right way to do things.  We are trying to convince the world that we are thought leaders in software and in software security.  In the Unix world, they never run as root except when necessary.  They “su”, do what they need to do, and revert back.  We are not leaders when we run as root all the time.  Comrades:  you need to run as “User”, and your customers need to see you doing it.  If you run into issues, don’t add yourself back to the admins group – file a bug against the offending product.  Customers:  if you see any MS sales, MCS, Premier, PSS, etc., doing web or email as admin, please tell them, “You’re not setting a very good example.  I am disappointed.”

 

Next post we’ll start talking about how to run as non-admin without driving yourself crazy.

 

Published Thursday, June 17, 2004 4:47 AM by Aaron Margosis

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 5:59 AM by blog coward
Let me see if I got this straight, there's an account that can destroy everything by ousiders. Instead of a multi billion dollar a year company making their OS secure and not like Swiss cheese, the average Joe has to jump thro hoops to pretend to be safe. Not running as Admin will not make you safe, not running low security software does. So what if Unix user's don't run as root, two wrongs don't make a right. Spend a couple bucks of that $50billion cash reserve building Windows that can't be hijack by outsiders simply because you run as the boss on your server.

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 8:27 AM by Brian Schkerke
Uh, blog coward... what do you think root is? It's an account that can "destroy everything by outsiders."

The problem isn't Microsoft making their OS secure. The problem is Microsoft reconciling the operating system's ease of use with the ease of destruction. Linux has the same problem; Lindows is fairly infamous for initially running everything as root. (Linspire, Lindows, whatever they call it.)

As for low security software most Linux distributions didn't come with ipchains/iptables installed by default until a few years ago. (Well, circa 2000.) Prior to that they left their hosts wide open to the Internet, much like Windows 98 and 2000 does. The built in firewall in Windows XP gets deactivated due to "consumer suggestion sites" that insinuate it "won't help you protect yourself and will only aggravate you." Similar advice comes from every direction.

Why am I prompted to give the root password any time I do something even remotely related to the system on Red Hat? How is my giving the root password eight hundred times in one session to get one application working more secure than Windows asking for the administrator account? (And yes, you can Run As... rather than logging out. Thank God.)

The final straw is the fact that many of the operating system deficiencies people like to pounce on are expounded on by the millions of developers who throw together a program that "just works" and don't consider the security implications. Linux independent developers cause these same issues.

Now add in the fact that Windows is, ultimately, based on code from ... what, 1980? Windows NT was supposed to be a clean rewrite but with the Win16 and Win32 API compatibility requirements I'm not sure how clean that rewrite truly was. Linux was started in 1991. You have this oldtimer operating system carrying around eleven more years of compatibility baggage through an evolving definition. Linux has the advantage that it is POSIX based and that definition hasn't changed significantly for years. 16 bit, 32 bit, 64 bit -- no biggie. (Yes, that's a definite and huge advantage that Linux and Mac OS X have. The signifigance of being able to run POSIX compliant software, or at least easily porting it, means that an operating system can share applications with others -- OS X, SysV, OS/2, AT&T UNIX, *BSD.)

I am no blind Windows fan, but neither am I a blind Linux fan. Posts like yours do nothing to encourage Microsoft to fix the bugs they have, nor do they anything to advance the cause of OSS software or Linux in general. Instead they show the contempt that individuals like you feel you can have because of a perceived advantage on your part in the operating system you run or develop. They're pointless and inflammatory, not to mention based on biased and incomplete information.

Ah, to hell with it. Why am I feeding you?

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 10:16 AM by Pat Rice
From NT 3.5 (the first usable version - 3.1 was SLOW SLOW SLOW) through Windows 2000, I was very careful to limit Administrator privileges. Safety! Security! were my mantras.

I suffered for it.

Too many applications - including several from Microsoft - just plain wouldn't work unless installed & run by an administrator.

Now, with Windows XP, my account is an Administrator, and everything (more or less) works as it should. There is no Safety! Security! any more, but at least I can get my work done.

# Learn to run as non-Admin

Thursday, June 17, 2004 12:03 PM by Robert Hurlbut's .Net Blog

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 12:00 PM by blog coward
For the record, I only use Windows for both work and home. I have only tinkered with unix/linux.

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 1:59 PM by josh
There are very few applications that just don't work without full admin access, but it takes forever to find the problems and poke holes through. (auditing is a big help, but still)

# re: Why you shouldn't run as admin...

Thursday, June 17, 2004 4:26 PM by old thoughts, old arbument
How about Microsoft changing the XP OOBE such that a user logging into the system for the first time gets to set up non-Admin accounts and log in, from the first moment, as a user.
Home users especially won't recognize the value of the User account until they can get their system set up the first time while they are in a User-level account and it is much easier to get the whole family set up as Users.
All testing should be done by default with the tester in "Limited User" account and then issues regressed against accts with admin priveledges. Always.

# Active MCS Federal Bloggers

Thursday, June 17, 2004 5:30 PM by Ben Waldron's Blog

# re: Why you shouldn't run as admin...

Friday, June 18, 2004 12:19 PM by Peter Torr
Hey, not sure this makes sense:

"...its ability to attack others on your network is greater than it would be with only User"

Just because you're local admin on your machine doens't mean you're admin on any other machines (unless they all share the same password). In fact, running as YOUR_BOX\Administrator is "better" than running as DOMAIN\User in this specific instance because the local account can't write to network shares, whereas the domain account probably can (and therefore infect other people who open infected files). Also, in some cases other people will add your domain account as Administrators to their boxes (eg, a shared Terminal Server) which means even if the malware can't infect your box (you're a normal user) they can infect the server.

Obviously running as user is goodness... I just don't think you can make an argument based on the damage to other machines on the network ;-)

# re: Why you shouldn't run as admin...

Friday, June 18, 2004 12:26 PM by Aaron Margosis
Peter, you're correct. The scenario I was thinking of was of other domain passwords stored in LSA secrets; e.g., to start services, COM+ components, etc. Probably a reach on my part, as that's probably not very common on workstations.

# Run as Non-Admin..

Sunday, June 20, 2004 9:22 PM by SecureCoder by Anil John

#

Friday, June 25, 2004 12:55 PM by Aaron Margosis's WebLog

# Microsoft, Youre not setting a very good example. I am disappointed.

Friday, June 25, 2004 6:21 PM by Dana Epp's ramblings at the Sanctuary
I know I am going to get myself in trouble for this... and will probably be banned from the Microsoft campus, but I saw a post by a Microsoft employee and felt compelled to respond. I am taking Aaron Margosis to task and following his suggestion. In his post he says: Customers: if you see any MS sales, MCS, Premier, PSS, etc., doing web or email as admin, please tell them, Youre not setting a very good example. I am disappointed. How about PowerPoint? How about Word? How about demos of stuff not needing to be run as admin? How about running a remote desktop? I saw all of these when I was at Microsoft. When I was walking through the trustworthy computer fest last week at Microsoft I stopped at NINE machines that Microsoft employees were using, and all nine were logged on as administrator. 9 for 9 were NOT running with least privilege. But thats not the frustrating part. This was a SECURITY RELATED computer fest. You would think that this crowd would be much more aware and focused on such things. Combine that and the recent fact I found out that in the latest RC of XP SP2 you no longer can use "runas" on your Windows Update right out of the box... and I see serious problems on the Microsoft campus. It seems many don't wish to eat their own dog food. Microsoft, Youre not setting a very good example. And I am disappointed....

# Why you shouldn't run as admin

Monday, June 28, 2004 2:06 AM by Sergey Simakov blog

# re: Why you shouldn't run as admin...

Monday, June 28, 2004 10:07 PM by keith
I wonder why everyone points their fingers at Microsoft saying "Your OS is like Swiss cheese". I think to myself..."and when was Microsoft ever a Security company?" They write software. It is what it is...and typically it's all about functionally and is generally pretty robust, fairly user friendly and a hell of alot more plug and play friendly than any *NIX I've ever seen (although opinions may vary).

Unix admins have had to jump thru lots of hoops for years to secure a *NIX distro out of the box. Thinning services, disabling things, patching vulnerable services (minimizing your attack surface) and more, have all been a part of a *NIX admins job for quite sometime......it's sorta just what ya do when your a *NIX admin. Windows admins have been oblivious to those simple concepts since the beginning of time. Turn stuff off if ya don't need it. Set ACL's on stuff, apply group policies and secure templates....almost like.....applying wrappers, applying IPchains or tables and disabling unnecessary unix services....simple comcept.

# Why I have to run as admin...

Tuesday, July 06, 2004 11:18 AM by ch.
well that's a nice theory but in practice xp requires admin priviledges to run many applications. I either run them as admin or not run them at all.

# re: Why you shouldn't run as admin...

Wednesday, July 07, 2004 1:51 PM by Aaron Margosis
ch - It is true that some apps don't work without admin privileges. In some cases it's valid (e.g., secpol.msc), and in some cases it's because of faulty design and/or implementation. Complain to the vendor in the latter case. BTW, in that case it's not XP requiring admin privileges, it's the faulty app! In any case, needing to run as admin sometimes is not an excuse to run as admin all the time, particularly with anything with internet exposure (email, IM, internet-connected games, media players, web browsers, etc.)

# blame the faulty app

Thursday, July 08, 2004 2:10 PM by ch.
ok, i blame age of empires made by microsoft :)


ok i know it's too old to work the easy way, i wrote to techsupport and they provided a very complicated solution which works (after i tweaked it a little bit)

#

Saturday, July 10, 2004 12:56 AM by Aaron Margosis's WebLog
Expect more attacks before patches become available - and how you can protect yourself.

# re: Why you shouldn't run as admin...

Saturday, July 24, 2004 11:48 PM by Niclas Lindgren
Well,

This is an old blog, but I will add one note. If you are knowledgeable enough to know that you shouldn't run as Admin, then you are probably also knowledgable enough to avoid "damaging" your computer due to various reasons. So the theory is good, but to be able to actually benefit the common user it somehow has to be enforced to use a normal account for most things.

I have run as an admin for as long as I know, I have never ever been troubled by viruses or worms. Maybe I have been lucky, but I doubt it. So the key audience for these kind of advices has to be those that are unlikely to ever read about it. My question is, how do you reach those people and change the normal pattern for windows usage (that is everyone is always admin)?

Cheers

# re: Why you shouldn't run as admin...

Sunday, July 25, 2004 9:18 PM by Aaron Margosis
Niclas, thanks for posting.

I must disagree with your basic premise that simply being "knowledgable" offers the same security as running with limited privilege. See my posting about zero day attacks for more about this (http://blogs.msdn.com/aaron_margosis/archive/2004/06/25/166039.aspx). With download.ject, organized criminals exploited vulnerabilities in the web servers of well-known and generally "trusted" sites, in order to insert code that would run on the machines of those who browsed the site. That code exploited a previously unknown and (of course) unpatched vulnerability. If you were running as admin and happened to go to one of those sites, your machine was owned. I'm sure you generally visit only sites you "trust" to some degree. But have you ever clicked on something returned from Google, only to find that the site you connected to looks nothing like what Google said it would be? That's happened to me, and I think I'm fairly knowledgeable.

I also ran as administrator for years and to my knowledge never had malicious code execute on my computer. Maybe there wasn't any - or maybe I just never knew. In any case, I'm older and wiser now :-) and the threats are much greater now than they were even five years ago.

Regarding the vast, non-technical majority - getting them secure will depend on us and application vendors. We (Microsoft) need to make running with least privilege the default, without sacrificing user experience. (That's not easy.) We also need application vendors to make sure their products work well without requiring admin privileges, as many of them now do. (Check this out - it makes me absolutely ill: http://support.microsoft.com/default.aspx?scid=kb;en-us;307091 )
In the meantime, you can help those whom you come into contact with. Least privilege is actually easier for the home user than it is for the corporate user - for more info see http://blogs.msdn.com/aaron_margosis/archive/2004/06/17/158806.aspx

# re: Why you shouldn't run as admin...

Tuesday, August 03, 2004 5:54 PM by Bit Fuzzy
There's no reason *nix or Windows users need to run as admin.

There are ways to allow "limited" users the use software without admin/root access

Security depends on and perhaps starts with the Administration of the system/network.

Would you take your front door off its hinges and sleep well?


# I'm Not Running As Administrator

Friday, September 17, 2004 7:08 PM by mike lorengo
I'm Not Running As Administrator

# Debugging ASP.NET Applications Without Administrator Privileges

Monday, September 27, 2004 12:32 PM by Pick A Bar
I think most everyone would agree that doing day to day activity on your PC as an administrative user is a bad idea. At the same time, knowing why you shouldn't run as admin hasn't been enough to motivate me...

# SpywareBlog - Why you shouldn't run as admin...

Monday, December 13, 2004 2:50 PM by TrackBack
SpywareBlog - Why you shouldn't run as admin...

# No longer running as Admin

Tuesday, December 28, 2004 2:40 PM by Lori Pearce's WebLog

# VSIP as a Normal User

Tuesday, January 04, 2005 1:51 PM by Aaron Marten's WebLog

# To Be Or Not To Be (An Administrator)

Sunday, March 27, 2005 10:59 PM by Nazul's Weblog
En Windows tenemos el síndrome de ejecutar las aplicaciones como Administrator. ¿Podremos quitarnos ese vicio?

# Table of contents, Aaron Margosis' non-admin blog

Monday, April 18, 2005 8:22 PM by Aaron Margosis' WebLog
Complete list of Aaron Margosis' non-admin / least privilege posts, for easy lookup.

# Why you shouldn't run as admin...

Wednesday, April 20, 2005 1:33 AM by Aceryt

# Spread the LUA joy

Friday, June 10, 2005 12:12 PM by tonyso
Get your friends and family, all those folks that come to you for computer help once their machines have...

# re: Why you shouldn't run as admin...

Friday, June 24, 2005 2:25 PM by Glenn Charles
My problem is to do with games. Admittedly, I've enough experience to easily change back and forth from admin to non-admin; I'm also both lazy and forgetful at least at times. I also share the network with someone who has no idea of vulnerabilities at all, and is now debating whether or not virus protection is really necessary. The point of this is; the importance varies somewhat because of the usage of the computer. ...Particularly since IE can demand use of admin privileges, according to one of the lists I just visited.
Glenn

# re: Why you shouldn't run as admin...

Sunday, June 26, 2005 4:50 PM by NobodyXYZ
It is good to see MS users doing things that Linux/BSD does from years before. MSWindows have wrong approach to security: NONE. Making user accounts with less privilegies is a good step forward, BUT the lack of good security politics from MS is always here. If MS want to be more secure then THEY NEED TO REEVALUATE their goals and default politics. I use windows in the work, and use linux or BSD in my home, with some experience in both worlds, I can say that MS is hard to maintain without viruses or crashes, AND THIS IS NOT A MATTER OF MY ACCOUNT PRIVILEGIES, no, IT IS a matter of the Windows OS. In other OSes i can be secure without virueses or crashes ever. But in my work, with MSWindows, i need to run antiviruses, antispywares, anti-etcetera, to feel security.
As an user of MSWindows i disapoint with they criterias of security, my Co. pay a lot for the OS but it thoes not reflect to us any advantage. MS need to be cerfull to security from now and beyond, because is a core problem and not an extravaganza.

# re: Why you shouldn't run as admin...

Sunday, June 26, 2005 4:52 PM by NobadyXYZ
You cowards, post my comment, dont be sysy. Or is the true so hard to you?!

# re: Why you shouldn't run as admin...

Monday, June 27, 2005 5:06 PM by Vermont reader
Not sure what all these comments are going on about. The simple truth is stated quite nicely in the original blog. No matter how well or how poorly your OS is conceived and written, it is just plain safer to NOT run as the account that can do absolutely anything it thinks it wants to. The post was not about the quality of Windows XP. It just states the obvious. Consumer software should not have to run as a local Admin (or root on Unix systems). So why make it do so. If you can get away without running as a local admin, you should probably do so.

# re: Why you shouldn't run as admin...

Friday, July 08, 2005 3:07 PM by richjj
Speaking as a home user: If you run a lock-down program such as Deep Freeze or ShadowUser, and reboot after each surfing session, then none of these exploits in your #1 paragraph - should they happen - will hang around to do any damage.

# re: Why you shouldn't run as admin...

Saturday, July 09, 2005 2:39 AM by Robb
My family survived from DOS 3.3 to Windows Me without so much as a single virus. So naturally, when XP came out, it never even entered my mind to make anyone a "Limited User."

The kids had moved away and it was just us adults now. One day, one of the computers had a very minor highjack -- the default search engine was changed. I tracked it down to a 'free' screensaver that was installed.

We've been user-accounts ever since. I've had to learn a lot more than I should have to learn about permissions -- but most of that is the culture I described above. Software publishers are still not used to their users actually being in the Users group!

Microsoft needs to change the term "Limited Users" -- it sounds negative and restrictive. Perhaps call them "Protected User" and "Unprotected Admin" in XP Home. :-)

Great Blog, Aaron, it's helping me.

# re: Accepting Risk

Sunday, July 24, 2005 5:42 AM by E-Bitz - SBS MVP the Official Blog of the SBS

# Why you shouldn't run as admin...

Thursday, September 01, 2005 9:31 AM by Aceryt
Ping Back来自:blog.csdn.net

# I'm 'outting' myself

Monday, September 12, 2005 10:28 PM by E-Bitz - SBS MVP the Official Blog of the SBS

# I'm 'outting' myself

Monday, September 12, 2005 10:29 PM by E-Bitz - SBS MVP the Official Blog of the SBS

# I'm 'outting' myself

Monday, September 12, 2005 10:29 PM by E-Bitz - SBS MVP the Official Blog of the SBS

# re: Why you shouldn't run as admin...

Friday, September 16, 2005 5:17 AM by Richard
Attacking another computer on the network is easier as an admin, Aaron was right and Peter Torr is missing something.

Under an LUA, you can only open normal socketed connections and databgram listeners, but as an admin you can send christmas tree packets, half-open sockets and leave them (ie the famous SYN flood), etc.

Basically, the difference is that the LUA can only go through WinSock, the admin can build his own IP packet.

# re: Why you shouldn't run as admin...

Thursday, October 06, 2005 7:51 PM by Devin L. Ganger
There's anothe way in which it's easier to attack other computers as an admin than as a regular user -- and that's quite simply that admin accounts have the ability to make persistent changes to the system. If you normally run as a regular user but pick up a trojan or rootkit that one time you're browsing as an admin, you've just compromised that box regardless of who is using it.

Having a reduced attack surface doesn't matter nearly as much as an admin, because the admin account has the power to change the attack surface. It may not be a direct attack on other machines, but that doesn't change the fact it still puts them at greater risk.

# re: Why you shouldn't run as admin...

Thursday, December 01, 2005 12:41 PM by John Best
An issue that I consider a poor practice is companies that require a home user to go to Administrator for their software updates. I have a habit of getting in and out as fast as possible. I think my wireless router, anti virus, anti spyware and firewall software offer me a good measure of protection, but keep critical information on a PC that doesn't require constant calls for updates. Are there any comments on hardware and software protection levels of security?

# re: Why you shouldn't run as admin...

Monday, January 09, 2006 5:33 AM by R Cozakos
2006-01-09_02:17
I stumbled into this blog via an article at the PC Magazine website about four hours ago and haven't even been able to stop to fix my dinner (that's my tummy growling you hear) -- great stuff! I knew I couldn't be the only one frustrated by this stuff.

The XP help has a very pointed message about not running as admin, which I took seriously. Then I can't check the calendar, set power options, do MS updates ... I'll have to come back another time or two to really absorb it, but at least I know it's here.

BTW, some posts refer to "stupid" users being to blame for their problems for not following good practices. Just because a user is ignorant of all the arcane practices required to do it right does not mean they are stupid. Not everyone wants to be a computer/IT geek just to use the web. (someone stop me here...) Aaron has it right: the products have to be designed to require as little jumping through hoops of the users as possible.

# re: Why you shouldn't run as admin...

Sunday, January 22, 2006 11:02 PM by Paul Coddington
It is ironic that everyone blames MS, but if 100% of my software was MS I could easily run as LUA with little or no problem because at least most modern MS apps obey the rules.

It is all the non-MS software on my system that requires me to go through hoops and spend days figuring out how to trick them into running as non-admin.

Some are simple - such as letting them have write access to their installation folder (because the idiot who wrote them still uses INI files). Others are more complex - requiring RunAs, etc.

It is obvious why MS has the default setup account as admin - if they didn't most non-MS applications would not work and MS would be blamed for breaking them. Caught between a rock and a hard place, they are.

Interesting we don't see many complaints about say (to quote one random example recently on my list of annoying programs to install), Adobe Photoshop CS2 breaking the security rules and getting around them by sneakily and dangerously setting its installation folders to Everyone: Full Control?

I'm amazed at how many programmers out there, especially in the graphics and music sector, have no idea about the basics of where to store configuration information or where to save data, let alone security.

And don't get me started on all those antivirus and antispyware solutions out there that require the user to be an admin - sort of like having a burgular alarm that only works when your house is unlocked and the doors are open.

# re: Why you shouldn't run as admin...

Wednesday, February 22, 2006 6:07 PM by JSE
contrary to Paul C.. I find it is MOSTLY MS applications - in particular, their games - that cause me administrator grief.  I worked around it by creating an account for the kids to run games in - an admin account, but took away all the internet access, and left their regular accounts as LUA.  Other game companies have been better...

# Microsoft gets a security clue?

Wednesday, May 24, 2006 4:12 PM by Status
I guess I should have already known this, but it honestly hadn't crossed my mind that a major corporation with an intimate knowledge of the risks involved hadn't actually yet weaned users off local admin rights yet.

My first clue should have been that

# Why you can run as local admin.

Monday, July 31, 2006 5:43 PM by Anonymous
Well, if you have common sense, run a decent antivirus, and a firewall such as ZoneAlarm that prevents apps that do not have net access from tapping into the ones that do.  Also, run ProcessGuard from DiamondCS for heaven's sake!  Then processes cannot install drivers or services without your permission or use global hooks to steal information you are entering into other programs... etc.  Besides, then any processes that you have not authorised to run, cannot!  I should also hope that the ONLY time you use IE as a web browser is to do windows updates!  Seriously, get Opera or Firefox or any of the other non-IE based browsers out there and enjoy instant protection from overActiveX.

# re: Why you shouldn't run as admin...

Thursday, August 10, 2006 1:23 PM by Anon

We have login scripts that we use to install software that must install as admin.  How do we elevate the privileges of the script during login?

Use a computer startup script instead of a login script.  Startup scripts run as LocalSystem.  If you also need to perform per-user actions, factor those out into the login script and leave the machine-wide stuff in the startup script.

-- Aaron

# Windows Vista Secret #4: Disabling UAC

Wednesday, September 20, 2006 3:29 AM by Tim Sneath
If you're a reader of this blog, I'm going to take a low-risk gamble and assert that you probably consider...

# Windows Vista Secret #4: Disabling UAC

Friday, November 03, 2006 2:37 AM by Tim Sneath

If you're a reader of this blog, I'm going to take a low-risk gamble and assert that you probably consider

Leave a Comment

(required) 
required 
(required)