'RE: Release notes on Antispyware - heads up for SMS folks'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    RE: Release notes on Antispyware - heads up for SMS folks
From:       "Long, David A." <along () systemsmith ! com>
Date:       2005-01-18 19:38:12
Message-ID: 198404684F2CD8488318C2258FE09BA8056D97 () mail1 ! systemsmith ! com
[Download RAW message or body]

"For the record Office can install and run in user mode.", Then you
haven't been "using" Office, try this:

On a new machine run Outlook 2003, go through the new email account
wizard and try an configure an Exchange account without Administrator
rights. You will get a PST file that downloads and deletes all email in
the user's mailbox! Now if the user accesses their mailbox from another
machine or OWA, it seems that they have lost all of their email. Until
they explain what machine they configured the new profile on and someone
can access the PST file to export their email back into the mailbox.

How is that for user friendly and running in user mode? 

Not to mention that the user mode access cannot update Office or install
any "advertised" features.

Andy Long

-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:sbradcpa@pacbell.net] 
Sent: Tuesday, January 18, 2005 8:42 AM
To: Patch Management Mailing List
Subject: Re: Release notes on Antispyware - heads up for SMS folks

Have you seen the newest Redhat and SuSe desktops?  They ask if you want
to save the admin password.....
http://www.sbslinks.com/images/patch.png

For the record Office can install and run in user mode.  It's the
applications from all the third party vendors that are the sucky ones. 

http://www.threatcode.com  nominations are truly welcome.  Perhaps we'll

have an annual awards ceremony....Tux's and ballgowns anyone?   hmmm... 
now that Jennifer is free of Brad maybe she can host it?  ;-)

Susan

Todd Towles wrote:

>I have to agree with Glenn.
>
>After being in the linux/UNIX world for a while you tend to see the 
>difference. Most Linux programs assume you aren't root and will ask you

>to move to root to run a certain command. This is a idea that reflects 
>least privilege security at its core. Windows itself and most programs 
>designed for Windows assume you are admin and this doesn't reflect 
>least privilege security at all.
>
>Does this mean that Windows is horrible and you can't secure it? No of 
>course not...but there has to be a fundemental shift toward least 
>privilege security to fix the admin problem in the Windows camp. It 
>shouldn't take a IT professional weeks of testing to grant key and 
>folder premissions. A home user will never be able to do this and 
>unless Microsoft makes this move, average users will be open to 
>spyware/adware and viruses. It is getting so bad..I have seen article 
>about people reducing their time on the internet - just because of all 
>the spyware/adware/pop-ups. I know I get mad at a person computer when 
>I go over to fix it, and all I get is pop-ups and it is running like a 
>400MHZ.
>
>Just my 2 cents.
>
>-Todd
>
>  
>
>>-----Original Message-----
>>From: Turner, Glenn [mailto:Glenn.Turner@apra.gov.au]
>>Sent: Monday, January 17, 2005 8:09 PM
>>To: Patch Management Mailing List
>>Subject: RE: Release notes on Antispyware - heads up for SMS folks
>>
>>For home users, the same situation exists.  So much software requires 
>>Admin privileges -  I suspect that half the software out there wasn't 
>>even tested under a non-admin account.
>>
>>At least patching it all is easy if all home users are logging in as 
>>admin anyway...
>>
>>Glenn
>>
>>-----Original Message-----
>>From: Jeff Bernt [mailto:berntj@oit.edu]
>>Sent: Monday, January 10, 2005 9:46 AM
>>To: Patch Management Mailing List
>>Subject: RE: Release notes on Antispyware - heads up for SMS folks
>>
>>Hi.
>>
>>I work down at Oregon Tech. Quick question? What kinds of applications

>>are you able to run without admin privileges?
>>We've tried to take away admin from all our users, but so many 
>>applications on the desktop and in the labs require a lot of tweaking 
>>just to run, much less without admin.
>>
>>
>>
>>IMPORTANT NOTICE:
>>
>>This e-mail is intended solely for the person or organisation to whom 
>>it is addressed, and may contain secret, confidential or legally 
>>privileged information.
>>
>>If you have received this e-mail in error or are aware that you are 
>>not authorised to have it, you MUST NOT use or copy it, or disclose 
>>its contents to any person. If you do any of these things, you may be 
>>sued or prosecuted.
>>
>>If you have received this e-mail in error, please contact the sender 
>>immediately.
>>
>>
>>
>>---
>>To unsubscribe send a blank email to
>>leave-patchmanagement@patchmanagement.org
>>
>>    
>>
>
>---
>To unsubscribe send a blank email to 
>leave-patchmanagement@patchmanagement.org
>
>  
>

---
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org

---
To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic