Antivirus protection the old-fashioned way...


« Security patches in Firefox 3.0.6, upgrade urged | Main | Conficker Worm Reward Offered by Microsoft »

02/05/2009



Antivirus protection the old-fashioned way...

Kevin R. Smith
Co-Editor


As most everyone would agree, in this day and age, anti-virus software of some kind is a necessity on your PC. In-the-know PC security experts would even go so far as to say a firewall is necessary, too.

But what most never bother to talk about is other preventative measures--free ones at that--that you can take to make (and keep) your PC significantly more secure.

What most consumers--and even some businesses, too--don't know about Windows 2000, Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 is that you can setup different accounts with different levels of permission on the computer.

What's the big deal with this?

Here's the scoop: there are two basic levels of permissions in Windows: Administrator and User. Practically speaking, all accounts in Windows are one of the two. Here's where things go off the rails...

Microsoft, in their infinite wisdom, makes all default user accounts Administrator accounts. This means the user account you originally setup your Windows XP with is an Administrator. Administrator accounts can do virtually anything to the computer.

Administrators can install files. Administrators can kill processes or running programs. Administrators can change the priority of some tasks to make them get more of your machine's horsepower or less.

That doesn't sound so bad, but here's where the plot thickens. Administrator accounts can even hide processes and other things on the machine, and as we already know, Administrators can install programs.

What does that have to do with viruses? Well, what is a virus really other than a program with malicious intent?

Thus, this means many viruses, since they're nothing but evil programs, acutally rely on your account being an Administrator for them to even function!

So, long story short: since Administrator accounts are needed (in many cases) to have the permission to install the virus, trojan, worm, spyware/adware, or other malware in the first place, what would happen if you weren't an Administrator?

Elementary, my dear Watson.

You make it harder for your computer to get infected in the first place. Much harder in fact. There's a really interesting piece over at Computerworld about the benefits of removing administrator rights and running as a regular user. One company, BeyondTrust Corp, is quoted in the article as saying,

"When BeyondTrust looked at the vulnerabilities patched for Microsoft's browser, Internet Explorer (IE), and its application suite, Office, it found that 89% of the former and 94% of the latter could have been stymied by denying users administrative privileges."

Wait a second here... you mean to say something like 90% of the vulnerabilities could have been mitigated just by using the right user account on my computer?

Yup.

Couple that with Internet security software, and you've got a really solid level of protection against most viruses and most other computer security threats.

OK, now that we understand there's something else you can do to prevent viruses from getting onto your computer, the question is: how do you make an ordinary User account that doesn't have Administrator rights and how do I use it?

The single most important thing to remember is this: you must keep at least one Administrator account on your computer, so DO NOT delete the one you're using now.

Secondly, if you're going to try this, bear in mind that things can go wrong--horribly wrong in some cases--when you try to deal with accounts and permissions issues. If it breaks, you're on your own.

Here are Microsoft's instructions on how to create & configure user accounts in Windows XP.

Once you have your new account made, you may need to grant permissions to that new account to run the various programs you intend to run.

To do this, you'll need to either log out and back in as the Administrator, grant permissions then log out as Administrator and back in as your new User account -OR- familiarize yourself with Microsoft's "RUN AS" command, which temporarily grants your current user account the ability to do a certain task as Administrator without the pain of logging out and back in.

Now that you've gotten that far, start using the regular "User" account to perform your ordinary day-to-day tasks. After a couple of days of use, you will have probably encountered just about all of the little permissions snags where you need to grant permission to such-and-such software for your new User account to function.

Then, when you purchase new software and need to install it, just log in temporarily as your Administrator account, install the software, and grant your new User account permission. Then when you log in as that User, you'll have the benefits of both your new software and significantly increased computer security over and above your antivirus software.

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a0133f40d81f4970b0134876491d7970c

Listed below are links to weblogs that reference Antivirus protection the old-fashioned way... :

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.