Re: Infection risks with an account with no administrator rights?

From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 09/01/05


Date: Thu, 1 Sep 2005 07:35:57 -0400

No no no! Running Windows, Internet explorer, etc. as non-administrator
does NOTHING, ZERO, to prevent viruses. People running as non-admin can
still be infected, flood the network with virus traffic, have their
passwords and credit card numbers and keystrokes logged and emailed out to
an attacker, change the registry to re-load the virus when the computer is
rebooted, etc.

It IS very effective at preventing spyware and adware [spyware meaning
programs that track your browsing habits for advertising purposes, not
malicious attacks like keystroke loggers]. This helps mainly because the
spyware and adware authors are lazy. They could very easily re-write their
programs to work as non-admin if they wanted to. These programs are mainly
a nuisance and a moderate threat to your privacy.

Running as non-admin mainly helps you control what the user can install and
configure on the system, not what an outside attacker or malicious code can
do. Most of the things that malicious code wants to do, it can do as a
non-admin. Most viruses don't try or need to use any administrator
privileges. And once a human attacker has non-admin privileges on a system,
it is not too hard to do lots of bad things with those privileges, or
escalate to admin privileges on that system or another system.

When it comes to viruses, running as non-admin does help a little on Windows
systems shared by multiple users: one infected user does not automatically
infect everyone else on the computer. For systems used by just one user,
this matters not.

There are a number of articles out there on how running as non-admin helps
against viruses. Many of them are mistaken.

Running as non-admin is NOT anti-virus. If you don't believe me, look at
most of the recent viruses, network and email worms, etc. and consider
whether running as non-admin would have stopped them. Zotob, Mydoom, Mimail,
etc. etc. are NOT hindered by running as non-admin.

<deguza@hotmail.com> wrote in message
news:1125548037.219996.252920@g44g2000cwa.googlegroups.com...
> Hello All:
>
> I'm considering setting up another account on my XP professional with
> no administrator rights to minimize getting viruses. Our IT department
> at work to the way the administrator rights from users do Windows 2000
> computers, saying that this will prevent infections.
>
> What I'm wondering is if there are still infection risks with this type
> of account on an XP professional environment.
>
> Any comments would be appreciated.
>
> Deguza
>