Results 1 to 4 of 4

Thread: True of False: Standard User Account (Limited Account) is most secure?

  1. #1
    riceorony Guest

    Default True of False: Standard User Account (Limited Account) is most secure?

    Hello all (and a Big salutations to Oldsod!)

    I wanted to see what everyone's opinion on this matter is. I purchased a computer for a sibling and wanted to know whether giving them a Standard User Account (under Vista) would be enough to deter from 99.9% of malware/virus/troyan/etc. infections? As I recall from previous advice from this board, a Standard User Account has limited access and requires entering the Admin password in order to install or use various services in the Windows OS. Therefore, would this alone suffice to keep a PC clean from drive-by-downloads, poor web habits (e.g. opening and downloading email attachments), etc.?

    To my understanding, the reason why malware runs rampant is that 99% of people use their administrator account (mostly due to convenience). I might be severely misinformed, so any help would be great.

    I wish everyone a great summer!

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: True of False: Standard User Account (Limited Account) is most secure?

    Hi Ron.
    How you are okay and things are going good.

    Limited user accounts will stop or deter most of the 'unpatched' exploits against windows.
    This alone protects the windows from many unknown exploits or exploits yet to fixed.


    Limited user accounts will stop 'garden variety' types of spyware/adware/cool web search wares/unwanted changes to windows itself and the browsers and the personal settings.... and probably stop only some worms/troyans/malware/viruses and rootkits (not all only some).
    Why only some - because any virus/worms or troyans that literally destroys windows files and the file system of the hdd will not be protected by the limited account alone.
    Some viruses/worms/troyans are extremely destructive and will simply destroy everything after they have stolen and relayed all personal data/passwords and personal or private details.

    Some rootkits do not install when windows is active as the limited account and instead hide in memory waiting for the windows shutdown to finally install, thus avoiding windows protection. Once installed, they are running at the next windows boot, and running with a limited user account.

    Emails...most but not all threats would be defused by a limited user account..obviously a bat or com file would not do any damage, but some nasty virus could do some serious damage.

    Partnered with a limited user account must be the full time resdient antivirus - to catch any active virus/worms/troyans and malware.
    The dedicated spyware full time scanner is not really needed with a limited user account. Nor is a full time HIPS as limited user account is bascially a HIPS for windows.

    Oldsod.
    Best regards.
    oldsod

  3. #3
    riceorony Guest

    Default Re: True of False: Standard User Account (Limited Account) is most secure?

    Oldsod,

    Your insightful advice is always appreciated. I enjoy how you explain it clearly and make it easy to understand.

    Best,
    riceorony

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: True of False: Standard User Account (Limited Account) is most secure?

    You are welcome, riceorony.
    But with a limited user account is still required the practise of 'safe hex', as always.

    Best regards.
    Oldsod.

    Message Edited by Oldsod on 07-12-2009 09:35 PM
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •