Standard User accounts issue


  1. Posts : 83
    Windows 7 Pro 64
       #1

    Standard User accounts issue


    A few days ago, I heard about the .LNK file icon vulnerability, got a little concerned since there was no easy fix, and looked for ways to limit my exposure. After flailing about a bit, I decided it was time to look at the "Standard User" accounts in W7.

    I set up a new user, made it Standard, and copied over my Firefox profile, and I was up and running. It was surprisingly easy, and over 90% of my user experience is now running fine as "OrdinaryUser". I was surprised at how I rarely have to switch users. Most Administrator type tasks can be accomplished by just trying it, then W7 notifies that I gotta be Admin for that, and asks me to pick an Administrator account, and give a password for it, then it just works. I think I am going to use this as my primary account--it gives me a (possibly unjustified) sense of heightened security.

    However one complaint/question. As part of getting familiar with the new diggs, I edited the Registry, ( HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\BootAnimation )
    was asked for the PW etc. and it worked fine. But now, I can go back to the same key and edit it WITHOUT any prompting, from the Standard account. I will experiment further, but it seems that my Standard User account now has unprotected access to the registry. Which makes my warm feeling of security just a little less comfortable.

    Any wise words welcome.
      My Computer


  2. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #2

    Hi, periboob.

    Have you restarted the computer since making the initial registry edit?
      My Computer


  3. Posts : 83
    Windows 7 Pro 64
    Thread Starter
       #3

    Had to test it. I had logged-off, but the computer is rarely powered off, so I made sure. Power-down completely, log-on with Std User, still can edit the registry key without challenge. Seems an unnecessary weakness in the generally accepted rule that Running without admin privileges gives a good extra layer of security.

    However, editing/renaming files in the system areas still draws a credential check.
    Last edited by periboob; 25 Jul 2010 at 16:58. Reason: more detail
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:56.
Find Us