Haven't you ever thought that the greatest security hole in windows is the practice of working as an administrator (or user which is a member of the administrators group). And this is the default setting in every installation. And nobody ever urges people to work under a restricted user account. It's not only MS to blame for this though, commercial software (i.e games, communication software) is being written with the presumption of running with full privileges.

So, the above point is the key issue IMO.
Also application integration is another troublesome factor.

As for SP2, the best thing about it is not what actually does, but the fact that MS has decided to break the so far sacred application compatibilty in the name of security - finally someone senior at MS realized that security is not a matter marketing policy but it's something real which has its price.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/265/28433#28433