Quote:
|
Originally Posted by Windchild
If the exploit only manages to gain the privileges of the current user, then even the very basic measure of running as a limited user would be enough to prevent the infection, seeing how the malware attempts to load drivers and limited users don't have the privilege required for that.
|
Yes, the code runs under the current user's account. This particular malware has rootkit drivers (and I don't know how it behaves if it cannot load the drivers), but generally it's not a requirement.
Quote:
|
Originally Posted by Windchild
That would make this whole big fuss a little less big, at least for those of the Average Users who have been set up with a non-admin account.
|
Well, the "average user" cannot spread the infection to other users of the system directly, but this user gets infected nevertheless - and I can imagine possible attempts to spread the infection further.