An ordinary user can add a registry entry that would cause any subsequent administrator logon to inadvertently run the users code.
To close this security hole, use Regedt32 to navigate to:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software
Use Security / Permissions to remove the write permission on this key for ordinary users.
0 comments
Hide comments