No, I have all my users running Outlook (2003 and 2007 and 2010) without any special group membership...just regular users.
On Wed, Apr 28, 2010 at 12:14 PM, Mayo, Bill <[email protected]>wrote: > I didn't mean to imply that you had to be an admin, but you can't run > Outlook 2003 on Windows 2000/XP as a regular user out of the box (I > assume the same would be true even if the OS was a higher version, but I > don't know). > > When we were going to XP (many years ago), we wanted to change our staff > to be just regular users (member of Users group only) on the computers > at the same time and did testing. We found that you could not run > Outlook 2003, unless you were at least a member of Power Users. As you > know, being a Power User is not a whole lot different than being an > administrator (many documented ways for a Power User to make themselves > an Administrator if desired). These days, you can use tools like LUA > Buglight to figure out how to tweak the permissions to account for such > things. > > To this day, we still run into stuff from vendors that "require" > administrator permissions to run. (Again, reference the LUA Buglight > comment above.) > > Bill Mayo > > -----Original Message----- > From: Steven M. Caesare [mailto:[email protected]] > Sent: Wednesday, April 28, 2010 1:07 PM > To: NT System Admin Issues > Subject: RE: WTF? Fake AV > > " I mean, when you cannot even run Outlook without elevated permissions, > it becomes kind of pointless (based on Outlook > 2003 not working as a regular user)." > > What? > > We have 1000's of non-admin Outlook users. Going back a couple of > versions. > > -sc > > > -----Original Message----- > > From: Mayo, Bill [mailto:[email protected]] > > Sent: Wednesday, April 28, 2010 1:03 PM > > To: NT System Admin Issues > > Subject: RE: WTF? Fake AV > > > > That one sent me to Google. The quote is accurate, but I thought the > stated > > reason was interesting as well. As I interpet it, he says that in > most any > > browser it is easy to find bugs (in which he can place things into > memory), > > but that the actual exploit is easier in Mac OS because "I put the > code into a > > process and I know exactly where it's going to be". I have to assume > that is a > > browser issue, not an OS issue, because Mac OS X has been using > "system > > library randomization" > > for a while now. (I understand that the OS needs to control/limit > what the > > application does.) As I have said before on this forum, you can say > what you > > will about the reasons why there is an extremely minimal amount of > malware > > on the Mac as compared to Windows (70,000 new per day!), but the fact > > remains that you are much "safer" running Mac OS X today than you are > > Windows. Mac OS X does have some issues that need to be addressed, > and I > > think you will see more of that real soon now, as they have recently > had > > some high profile hires in that area. > > > > That said, I still think the original statement that the "security > model is > > better" is something of a different animal. The security model to me > is more > > of a general philosophy of how the user relates to the operating > system. > > Mac OS X, which is based on BSD Unix, uses the multi-user, > least-privilege > > model and has since day 1. Whether designed for it or not, that has > not been > > the model in use in the Windows world until relatively recently. I > mean, > > when you cannot even run Outlook without elevated permissions, it > > becomes kind of pointless (based on Outlook > > 2003 not working as a regular user). > > > > Bill Mayo > > > > -----Original Message----- > > From: Angus Scott-Fleming [mailto:[email protected]] > > Sent: Wednesday, April 28, 2010 12:27 PM > > To: NT System Admin Issues > > Subject: Re: WTF? Fake AV > > > > On 28 Apr 2010 at 11:00, Steven M. Caesare wrote: > > > > > > While I am not a huge fan of MACS, their security model is > obviously > > > > > > much > > > better than Windows > > > > > > I'd suggest that's an ill-drawn conclusion. > > > > +1. Charlie Miller, the Pwn20wn champ three years running, hacks Macs > > > +by > > choice over Windows because he says they're easier to hack. > > > > -- > > Angus Scott-Fleming > > GeoApps, Tucson, Arizona > > 1-520-290-5038 > > Security Blog: http://geoapps.com/ > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
