Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog

The Non-Admin blog - running with least privilege on the desktop... and then dealing with the application compatibility fallout... and using Sysinternals and other utilities to figure things out

Browse by Tags

Tagged Content List
  • Blog Post: Anti-virus vs. Non-Admin

    This may be controversial, but I truly believe it and I'll say it: With today's threat landscape and the way malware works today, you are better off running as non-admin WITHOUT anti-virus than you are running as admin WITH anti-virus. If your anti-virus/anti-spyware/anti-malware software requires...
  • Blog Post: I'm Back! Upcoming Posts...

    It's been way too long, but I'm going to force myself to find the time to get more "least-privilege" information posted here. Most of my posts til now have been about ways for those of us who administer our own machines to run Windows as a non-admin, invoking administrator privileges only when truly...
  • Blog Post: Running restricted -- What does the "protect my computer" option mean?

    If you’ve been reading my “non-admin” posts, by now I assume you have seen the Windows XP “Run As” dialog. (If you haven’t, please read this post first: "RunAs" basic (and intermediate) topics .) The initial settings when the “Run As” dialog opens are to run the program as the current user, with an option...
  • Blog Post: "Zero-day" attacks and using limited privilege

    There have been a couple of credible sounding stories in the press in the past week or two about zero-day attacks - that is, the malicious exploitation of previously unknown vulnerabilities. I think we're going to start seeing more of these, as the bad guys better understand the economic value of finding...
  • Blog Post: "RunAs" basic (and intermediate) topics

    In this posting: What is RunAs? How to use RunAs from the GUI (even if you can’t see it) Using RunAs from the command line When RunAs won’t work Useful RunAs shortcuts and related tips for the non-admin Did you know that millions of people run as non-administrator...
  • Blog Post: The easiest way to run as non-admin

    Upcoming posts in my LUA/non-admin track: Using secondary logon (RunAs) Running control panel applets as admin Using RunAs with Explorer Temporarily elevating your current account to admin without logging out Running with a restricted token (what does “protect my computer and data from...
  • Blog Post: Why you shouldn't run as admin...

    First, let’s define terms. This may be oversimplifying, but for the purpose of this discussion there are only two types of users: Administrators, and Users. They are essentially distinguished by membership in the “Administrators” and “Users” local groups. “Administrators”...
  • Blog Post: Not running as admin...

    The security principle of “least privilege” is well understood: Software should run with the smallest set of privileges needed to perform its tasks. Low-privileged processes can do a lot less damage when they are compromised (or just buggy) than processes running at high privilege levels...
Page 1 of 1 (8 items)