Exploit - very basic, general, question

Discussion in 'other security issues & news' started by act8192, Aug 7, 2013.

Thread Status:
Not open for further replies.
  1. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    When a browser can only run under Limited user (set so by SRP on XP-pro), installation of any file using the RUN button is not possible. A great feature.

    But I still wonder if an exploit could run from a compromised website regardless of any setting in SRP, can it do damage without installing itself?

    In case my question isn't too clear, to rephrase, by way of example: Long ago, a bank I use had an iFrame containing some trojan. My AV alerted immediately to a bad URL. But what if AV didn't catch it? If the trojan installed, my firewall likely would have alerted something going out.

    But do they all need to install to do the intended damage?

    I've read many great posts about exploits by RMUS here, but still am not too clear with this basic question.
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It'll still run. Firewall doesn't stop it from running, neither does SRP. It'll just restrict its capabilities
     
    Last edited: Aug 7, 2013
Loading...
Thread Status:
Not open for further replies.