Slashdot Mirror
Users' Admin Logins Make Most Windows Malware Worse
nandemoari writes "A new analysis claims that over 90% of the Windows security vulnerabilities reported last year were made worse by users logged in with administrative privileges — an issue Microsoft has been hotly debating recently. According to BeyondTrust Corp., the result of the analysis of the 154 critical Microsoft vulnerabilities indicated that a full 92% could have been prevented if users were not logged into their systems with administrator status. BTC believes that restricting the number of users who can log in with these privileges will 'close the window of opportunity' for attackers. This is particularly true for users of Internet Explorer and Microsoft Office."
What morons are modding posts like this insightful? Anyone with the slightest bit of knowledge on the topic knows that UAC and Microsoft's policy of requiring admin privilages for admin level access by programs WAS the way microsoft fixed their shit. You know, back when they made Vista.
What? Are you trying to blame Microsoft for problems they fixed a full 2 OSs ago? Shall I start bringing up UNIX problems and saying, "This is the problem with linux"? That is the discrepency here. Vista, while it does have its problems, represents a full departure from the "admin for everything" era.
Until they've done what can be done, we're still entitled to gripe.
Thats right! an OS must conform to the full Orange Book specifications before we can praise it for anything!
You want to blame Microsoft for lazy software companies just asking for admin access for their whole program? Game manufacturers not using the API right? Or maybe, just maybe, you are a karma whore looking for some anti-Microsoft mod. Thats okay, most of the posts in this whole fucking article are equally foolish.
If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
While this particular study may have been done by a party with a vested interest in the outcome, results like this are not new. I remember reading a blurb in eWeek several years ago comparing the number of infections on an XP computer being run as an admin, a power user, and a restricted user. There was very little difference between admin and power user, but a huge improvement running as user. Since then I have run as a user, and successfully used Run As or fallen back to logging out and logging in as admin when absolutely necessary. (OK, for some legacy apps I've gone into their Program Files directory and changed the permissions so users can write. Not the best solution, but it worked.)
The thing that worries me about UAC is that, even when it's used correctly, it lulls the average user into a false sense of security. Users are being trained to click on the Approve button. They have to do this so many times each day, even when not doing anything that they would consider important or administrative, that it will be a piece of p1$$ for malware authors to simply get users to click Approve and be done with it.
The thing I don't understand about this article is what they mean by running in admin mode in Vista, because I thought it was all user and UAC. Are there different levels of UAC?