The integrity of processes has been in since Windows Vista/7; it's not new in Windows 8. But yes, the premise is correct that running processes in a least-privilege context is the correct method of reducing the attack surface of the operating system by default.
Z

Edward E. Ziots, CISSP, CISA, CRISC, Security +, Network +
Security Engineer
Lifespan Organization
[email protected]
Work:401-255-2497

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Ben Scott
Sent: Tuesday, May 13, 2014 9:52 AM
To: [email protected]
Subject: Re: [NTSysADM] Security groups in AD

On Tue, May 13, 2014 at 6:00 AM, James Rankin <[email protected]> wrote:
> Just noticed this on a Windows 8 machine running RSoP - what are
> "Authentication authority asserted identity" and "medium mandatory level"?

I believe the "medium mandatory level" is part of the MIC (Mandatory Integrity Control) stuff. Basically, the system automatically assigned integrity levels to things, and they propagate automatically.

I learned about MIC in the context of Microsoft Internet Explorer. MSIE runs the most vulnerable parts at a lower integrity level, so when they get compromised, there is a chance of minimizing the damage.

In terms of the (all rise) Orange Book (be seated), it's Microsoft deploying some Mandatory Access Control for you.

-- Ben
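An added example, not part of the original thread: both entries James asks about are well-known SIDs in the logon token rather than AD security groups, and this PowerShell sketch labels them. The function name `Get-TokenLabelInfo` and the sample SID list are constructed for illustration; the SID values themselves are the well-known ones Windows defines.

```powershell
# Added example (not from the thread). Sample input is constructed.
# Mandatory labels are SIDs of the form S-1-16-<RID>; the RID is the integrity level.
$IntegrityLevels = @{
    0     = 'Untrusted'
    4096  = 'Low'
    8192  = 'Medium'
    8448  = 'Medium Plus'
    12288 = 'High'
    16384 = 'System'
    20480 = 'Protected process'
}
# S-1-18-x SIDs record how the identity was asserted (Windows 8 / Server 2012 and later).
$AssertedIdentity = @{
    'S-1-18-1' = 'Authentication authority asserted identity'
    'S-1-18-2' = 'Service asserted identity'
}

function Get-TokenLabelInfo {
    # Hypothetical helper: returns one object per SID that is a mandatory label
    # or an asserted-identity SID; ordinary group SIDs are skipped.
    param([Parameter(Mandatory)][string[]]$Sid)
    foreach ($s in $Sid) {
        if ($s -match '^S-1-16-(\d+)$') {
            $rid  = [int]$Matches[1]
            $name = $IntegrityLevels[$rid]
            if (-not $name) { $name = 'Non-standard' }
            [pscustomobject]@{ Sid = $s; Kind = 'Mandatory label'; Meaning = "$name Mandatory Level" }
        }
        elseif ($AssertedIdentity.ContainsKey($s)) {
            [pscustomobject]@{ Sid = $s; Kind = 'Asserted identity'; Meaning = $AssertedIdentity[$s] }
        }
    }
}

# Constructed sample: the SID column of a typical interactive user's group list.
$sampleSids = 'S-1-5-32-545', 'S-1-5-11', 'S-1-18-1', 'S-1-16-8192'
Get-TokenLabelInfo -Sid $sampleSids | Format-Table -AutoSize

# On a live English-language system the same list can come from:
#   (whoami /groups /fo csv | ConvertFrom-Csv).SID
```

A standard user's token normally carries the Medium label (S-1-16-8192); an elevated administrator process carries High (S-1-16-12288).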

