Posted by: Troy Tate
exploit, group policy, information security, least user authority, lua, Microsoft, principle of least privilege, security bulletin, vulnerability
I recently blogged about the fact that the initial reports of the Google Aurora attack focused on Internet Explorer version 6. Some comments on the Information Security Community Group on LinkedIn got me thinking about another part of the successful exploit that could have reduced the impact, if not completely prevented it.
The Microsoft security bulletin states that “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.” That’s great news for a lot of organizations that have taken the operational stance of least user access or the principle of least privilege. Not everyone has to run everything as a local administrator on their computer. This would prevent a lot of home users from being infected and definitely help businesses reduce the impact of successful exploits of known and previously unknown vulnerabilities.
How much news about security breaches do you think there would be if LUA was put into practice everywhere possible? Maybe then we could focus on addressing other business application issues like getting incompatible applications upgraded from Internet Explorer 6 to IE8.
Thanks for reading and let’s continue to be good network citizens!