SRP broken in Vista?

Discussion in 'other anti-malware software' started by Gullible Jones, May 20, 2012.

Thread Status:
Not open for further replies.
  1. And now for something completely different...

    While setting up SRP on a Windows Vista installation using the group policy editor, I noticed that even with a default deny policy I could still execute any program on my second NTFS partition (drive D by Windows reckoning). This is very convenient, but it's also a major security hole, because drive D is world writable. Furthermore, if the same applies to CDs and USB sticks, that leaves the Vista machine easily open to infection.

    Is this a limitation of SRP? A Vista bug? Is it fixable?
     
  2. Tsast42

    Tsast42 Registered Member

    Joined:
    May 7, 2012
    Posts:
    137
    Location:
    United Kingdom
    Ran a quick test and working fine on all my secondary partitions and drives under Vista Enterprise. SRP that is, not the programs - they didn't work at all.
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Possible causes
    a) You did not change the default to basic user or deny.
    b) You are not using UAC
     
  4. Thanks, the problem was UAC being turned off. D'oh!
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    JUST ANOTHER REASON TO NEVER TURN UAC OFF THE CONVENTIONAL WAY...

    ...do a search here about the registry or gpedit ways to turn off the interactive prompt part of it (if that bothers you; I still recommend leaving it all alone) while leaving the back end system on.
     
Loading...
Similar Threads
  1. waters
    Replies:
    3
    Views:
    379
Thread Status:
Not open for further replies.