Re: Security issues, purchasing a new, pre-loaded, Windows XP computer

From: Mike Lyman (
Date: 10/08/02

Date: Tue, 08 Oct 2002 08:13:57 -0700
From: "Mike Lyman" <>

On 10/7/2002 at 8:53 PM Tijl Schoonenberg wrote:
>But.. why leave all features installed on his system? i.e. uninstall IIS,

XP Home should not have IIS.

>O yes... I think you already crossed the following: the Administrator
>password is EMPTY on any just-installed system running Windows XP. At
>I noticed it on some XP Corporate installations and I think it's the
>default. So the first thing to accomplish is an Admin-password ;-)

While still an issue with physical access to the computer, by default, XP
local accounts without passwords cannot be used to access a computer from
the network.

>Getting (all) other accounts out of the Administrators-group (or giving
>them good passwords) might be a job as well as I noticed that users being
>created in the install-phase are put inthere (aargh, BILL! why?? heh;

Too many app installs break when users aren't admins. Some apps break when
users aren't admins.

Mike Lyman
pgp keyid 0xD7BBADAD