Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 Less Vulnerable Without Admin Rights.

31 Mar 2010   #11
windows7user

Windows 7 Professional x64
 
 

Actually, this information doesn't surprise me. I'm a student majoring in computer engineering and actually this is actually a big reason why people who use Linux and Macs are safer. Not because Linux is just built to be more secure (at the kernel level, I think Windows 7 is just as secure as Linux since Windows implements DEP and ASLR), but because they emphasize not using the root account (Admin) as the default account. If you need a program to run in administrator level, Linux will ask you then to input the root password. UAC, as I see it, was suppose to be an easier alternative to Linux's way of inputting an admin password everytime; instead you answer yes or no to a question. Unfortunately, people find it more annoying to answer a Yes/No question than typing your password everytime.

You see, when a program runs in an administrative level, it can do more damage. Linux prevents this by encouraging the use of a lower level account and having the user to input the root password when only necessary. In contrast to Windows, most people use the Admin account as their default account. Hopefully, UAC would notify the user if he/she would like to run a program, but most of the time just mindlessly click Yes not checking if the program is safe.


My System SpecsSystem Spec
.
01 Apr 2010   #12
jav

Windows 7 Ultimate x86 SP1
 
 

Quote   Quote: Originally Posted by seekermeister View Post
Personally, I don't find that the source of the information is MS to be particularly reassuring.
Quote   Quote: Originally Posted by karlsnooks View Post
I agree with Seekermeister.

A report from an independent source would be more credulous.

"I am good because I say I am good" does not carry much weight with me.
Quote   Quote: Originally Posted by Silverscreen View Post
Just the fact I saw a 100% in there makes me question the validity of the claim, I doubt its truly possible to relieve 100% vulnerabilities with something so simple, If it were true, truly true, Microsoft would have caught it sooner, not that I have much faith in their qc, but I believe them at least competent enough to catch something like that sooner if it were possible.
ok, I see. None even bothered to read original report.

@Silverscreen, if you have read report. It says 100 % of Microsoft Office vulnerabilities reported in 2009 and published in security builitten...
Who says Microsoft hasn't caught it already? It only says that it could be prevented running as LUA.

@karlsnooks

It's not Microsoft who is saying I am good because I am good!!!
It is report from "BeyondTrust".

On my last post I reffered to Microsoft security bulletin.
Let me clarify it:
Microsoft Security Bulletin (aka Technet security Bulletin) is a report of security vulnerabilities reported to Microsoft, and confirmed as security risk by Microsoft...

For example this is a out-of-band Security Bulletin for March 2010:
Microsoft Security Bulletin MS10-018 - Critical: Cumulative Security Update for Internet Explorer (980182)

I am the same as you guys.
I DO doubt trustworthiness of "BeyondTrust".
But I don't doubt on facts they used for anlyses. (I mean core fact, which are Security Bulletins)

Hope, none was offended by my words
My System SpecsSystem Spec
01 Apr 2010   #13
ACR731

Win 7 Pro x64
 
 

I don't want or need Microsoft telling me how to use MY computer, or what I can access in their OS. I (and all Windows 7 users) paid a lot of money for the OS. Microsoft needs to shut up and let people use their computer the way they want to, and not how Microsoft wants us to.
My System SpecsSystem Spec
.

01 Apr 2010   #14
karlsnooks

MS Windows 7 Ultimate SP1 64-bit
 
 

acr,
Amen! I run my computer wide-open, that is no user account restrictions. I run as administrator. I stay away from peer-to-peer networks and dubious websites. Between google and whois I can determine if a site is to be avoided. I do not go to sites recommended by others (including those that appear in this forum) without first checking to see if the site is reputable. I use Firefox with NoScript and also WOT (web of trust) add-ons. I use Microsoft Security Essentials and Windows Firewall (although the default configuration is weak in my opinion).

True, with GPEDIT.MSC I can turn-off some of the annoying -do you really want to do this?- nag screens from Microsoft but easiest is to turn the things off completely.

I want control of my computer and I don't want MS trying to put their ways onto my computer.
My System SpecsSystem Spec
01 Apr 2010   #15
Silverscreen

Windows 7 7600 64Bit
 
 

Quote   Quote: Originally Posted by jav View Post

ok, I see. None even bothered to read original report.

@Silverscreen, if you have read report. It says 100 % of Microsoft Office vulnerabilities reported in 2009 and published in security builitten...
Who says Microsoft hasn't caught it already? It only says that it could be prevented running as LUA.
Yes, I actually have read it, I know it said 100% of problems reported between 2009 and 2010, I still find it hard to believe when 100% is being thrown around in a situation like this, but its just an opinion.
My System SpecsSystem Spec
01 Apr 2010   #16
jav

Windows 7 Ultimate x86 SP1
 
 

Quote   Quote: Originally Posted by Silverscreen View Post

Yes, I actually have read it, I know it said 100% of problems reported between 2009 and 2010, I still find it hard to believe when 100% is being thrown around in a situation like this, but its just an opinion.
Sorry for being a bit aggressive on last post

I do understand what you mean. I never liked 100% things myself.

But in my opinions 100% of all malware and 100% of all reported and published malware are different things.
Second one is acceptable, thought one may still doubt.
First one, none can know it...

Anyway, we all have different opinions and so I respect yours.
My System SpecsSystem Spec
02 Apr 2010   #17
manhunter2826

Windows XP - Now Windows 7 Home Premium (64-bit).
 
 

True to say (?) that most/much of the damage inflicted by viruses and malware is reliant on Admin-rights access to the OS. Indeed, should not one browse the Internet only as a standard user?
My System SpecsSystem Spec
03 Apr 2010   #18
Tepid

Win 7 Ultimate 32bit
 
 

And to all of you who say the following.......

Quote:
I don't want or need Microsoft telling me how to use MY computer, or what I can access in their OS. I (and all Windows 7 users) paid a lot of money for the OS. Microsoft needs to shut up and let people use their computer the way they want to, and not how Microsoft wants us to.
Don;t complain about how Horrible Windows is when you run this way.
And don't expect any shop to charge you less than $100 to fix it WHEN, that's right WHEN it does break.

You make your decisions, you live with them.
You have been warned, you have been advised, You are on your own.

*****************8

Quote:
Actually, this information doesn't surprise me. I'm a student majoring in computer engineering and actually this is actually a big reason why people who use Linux and Macs are safer. Not because Linux is just built to be more secure (at the kernel level, I think Windows 7 is just as secure as Linux since Windows implements DEP and ASLR), but because they emphasize not using the root account (Admin) as the default account. If you need a program to run in administrator level, Linux will ask you then to input the root password. UAC, as I see it, was suppose to be an easier alternative to Linux's way of inputting an admin password everytime; instead you answer yes or no to a question. Unfortunately, people find it more annoying to answer a Yes/No question than typing your password everytime.

You see, when a program runs in an administrative level, it can do more damage. Linux prevents this by encouraging the use of a lower level account and having the user to input the root password when only necessary. In contrast to Windows, most people use the Admin account as their default account. Hopefully, UAC would notify the user if he/she would like to run a program, but most of the time just mindlessly click Yes not checking if the program is safe.
This has been advised since day one that NT/2000/XP have been released.
DON'T RUN AS ADMIN. But they dropped the ball when they setup Windows out of the Box as an Admin to make it easier to setup, people nver took real control of their PC's. They assumed they should run as Admin and it was never changed. Now they are trying to change it to cut down the infection prone system, and people still complain.

Get use to it, or stop using Windows.
My System SpecsSystem Spec
03 Apr 2010   #19
CarlTR6

Windows 7 Ultimate 32 bit
 
 

Windows 7 administrator account is not as wide open as it was in XP. I guess that is a good thing security wise, though annoying at times. I, stay away from peer to peer sites and never click on an unknown (to me) link without checking it first.
My System SpecsSystem Spec
03 Apr 2010   #20
Tepid

Win 7 Ultimate 32bit
 
 

Well,, the biggest thing that MS are trying to do, is make it easier to be protected, at least more than they were (something a lot of people complain about with XP, "It's not secure, WhAAAaaa").

Now, it's the opposite, "Don't tell me what to do" mentality. People, You can't have it both ways.
My System SpecsSystem Spec
Reply

 Windows 7 Less Vulnerable Without Admin Rights.




Thread Tools




Similar help and support threads
Thread Forum
Program needs admin rights on Windows 7 Home but not Pro?
I have just downloaded the program Supremo.exe (md5: 274cfff6aff2f7c71b9d517a3a027c90) from http://www.supremocontrol.com/download.aspx?file=Supremo.exe&id_sw=7 Running the program (no installation, just double clicking on the exe) on computer 1 (Windows 7 Home Premium SP1 64 bit) I am prompted...
Software
Open Windows Explorer with Admin rights
Hi there, I have the following scenario: - Windows 7 - User Account Control UAC enabled (level 3 out of 4) - User account is member of the Administrator's group I open the Windows Explorer and want to change an .ini file located in the C:\Program Files (x86)\... folder. The file always...
Performance & Maintenance
In Windows 7, how can we change the IP Address without Admin rights?
Hi , I am using a windows application which has a feature to change the IP address to 10.XX.XX.1 to connect to a server and restore it back to its original address on exit of connection to the server. The windows application is run with administrator rights. Now i want to run the application...
Network & Sharing
Windows 7 pro asking for Admin rights for every little thing...
At my job we just went from a windows xp machine to a windows 7 professional. when Some one with out admin rights does anything it asks for someone with admin rights to type in their info (their username and password). For instance, I had one user trying to download an email attachment and it asked...
Network & Sharing
admin user lost some admin rights
I can't delete a file from the desktop. When I try, it says to get the rights from the specified admin user (which I'm logged on). The strange thing is that I still can create other users from this account (including admins). Any suggestion on what to do?
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:56.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App