Browsing Safely as an Administrator

When you log in to your Windows box as Administrator or as a user that is a member of the Administrators group, every application you run has Administrator permissions. This includes, of course, such commonly exploited applications as Internet Explorer and Outlook. If you get a viral email attachment or hit a malware-infected web page and inadvertently execute the attacker's code, that code runs at the same permission level as the application hosting it. If that application has Administrator-level privileges, your entire system is laid bare to the attacker.
Fortunately, Windows provides programmers with APIs that allow applications to be launched with their privileges restricted. You don't really need Internet Explorer to have the ability to write to your system32 directory, so why give it that ability? Michael Howard has a write-up (including sample code and a working executable) on how to accomplish this.
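To make the mechanism concrete, here is an added example of such a restricted launch, written for this page rather than taken from Michael Howard's sample. It uses the Safer API (SaferCreateLevel and SaferComputeTokenFromLevel) to compute a "Normal User" token from the caller's own Administrator token and then starts the target program under that token with CreateProcessAsUser, P/Invoked from PowerShell. The Internet Explorer path at the bottom is an assumption; adjust it for the machine you run this on.

```powershell
# Added example, not Howard's code: launch a program from an Administrator
# session with a "Normal User" token computed by the Safer API, so the child
# runs without Administrators group membership or administrative privileges.
$launcherSource = @"
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;

public static class RestrictedLauncher
{
    // Safer API constants (values from winsafer.h)
    const uint SAFER_SCOPEID_USER       = 2;
    const uint SAFER_LEVELID_NORMALUSER = 0x20000;
    const uint SAFER_LEVEL_OPEN         = 1;

    [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
    struct STARTUPINFO
    {
        public int cb;
        public string lpReserved, lpDesktop, lpTitle;
        public int dwX, dwY, dwXSize, dwYSize, dwXCountChars, dwYCountChars, dwFillAttribute, dwFlags;
        public short wShowWindow, cbReserved2;
        public IntPtr lpReserved2, hStdInput, hStdOutput, hStdError;
    }

    [StructLayout(LayoutKind.Sequential)]
    struct PROCESS_INFORMATION
    {
        public IntPtr hProcess, hThread;
        public int dwProcessId, dwThreadId;
    }

    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool SaferCreateLevel(uint dwScopeId, uint dwLevelId, uint OpenFlags,
        out IntPtr pLevelHandle, IntPtr lpReserved);

    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool SaferComputeTokenFromLevel(IntPtr LevelHandle, IntPtr InAccessToken,
        out IntPtr OutAccessToken, uint dwFlags, IntPtr lpReserved);

    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool SaferCloseLevel(IntPtr hLevelHandle);

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool CreateProcessAsUser(IntPtr hToken, string lpApplicationName, StringBuilder lpCommandLine,
        IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags,
        IntPtr lpEnvironment, string lpCurrentDirectory, ref STARTUPINFO lpStartupInfo,
        out PROCESS_INFORMATION lpProcessInformation);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr hObject);

    // Starts commandLine under a Normal User token and returns the child's PID.
    public static int Launch(string commandLine)
    {
        IntPtr level, token;
        if (!SaferCreateLevel(SAFER_SCOPEID_USER, SAFER_LEVELID_NORMALUSER, SAFER_LEVEL_OPEN, out level, IntPtr.Zero))
            throw new Win32Exception(Marshal.GetLastWin32Error(), "SaferCreateLevel failed");
        try
        {
            // InAccessToken = NULL: derive the restricted token from the calling process's own token.
            if (!SaferComputeTokenFromLevel(level, IntPtr.Zero, out token, 0, IntPtr.Zero))
                throw new Win32Exception(Marshal.GetLastWin32Error(), "SaferComputeTokenFromLevel failed");
        }
        finally { SaferCloseLevel(level); }

        try
        {
            STARTUPINFO si = new STARTUPINFO();
            si.cb = Marshal.SizeOf(typeof(STARTUPINFO));
            PROCESS_INFORMATION pi;
            // CreateProcessW may write into the command-line buffer, hence the StringBuilder.
            if (!CreateProcessAsUser(token, null, new StringBuilder(commandLine), IntPtr.Zero, IntPtr.Zero,
                                     false, 0, IntPtr.Zero, null, ref si, out pi))
                throw new Win32Exception(Marshal.GetLastWin32Error(), "CreateProcessAsUser failed");
            CloseHandle(pi.hThread);
            CloseHandle(pi.hProcess);
            return pi.dwProcessId;
        }
        finally { CloseHandle(token); }
    }
}
"@
Add-Type -TypeDefinition $launcherSource

# Assumed path to Internet Explorer; change it to whatever program you want to run with reduced rights.
$childPid = [RestrictedLauncher]::Launch('"C:\Program Files\Internet Explorer\iexplore.exe"')
Write-Host "Started restricted process with PID $childPid"
```

To check that the restriction took effect, launch `cmd.exe` the same way and run `whoami /groups /priv` inside it: the Administrators group should be listed as "Group used for deny only" and the only remaining privilege should be SeChangeNotifyPrivilege (Bypass traverse checking). Note that Add-Type only compiles a type once per session, so re-running the script in the same PowerShell window reports that RestrictedLauncher already exists.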
Now, given that the sample code is freely available, it would be nice if someone could pick up the ball and add some additional features. For instance, automating the process of creating shortcuts so that users do not have to create them manually. Maybe make a little launch bar that holds restricted applications (or maybe existing launch bar authors can incorporate the limited-privileges launch into their products). How about hooking the Windows shell so that when a user launches an application she is prompted for the privilege level she would like? Of course, that last one would need some way of saving the preference for each application, since being prompted every time could get annoying really fast.
When one user secures their computer, everyone wins: that's one less computer able to propagate viruses and other malware to the rest of the world. We should make it as easy as possible.
By Chris on November 22, 2004 3:51 PM |