Administrator Read Only

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - mfcsg.exe error when i boot up my computer i get a "mfcsg.exe" error, does anyone know what that is Tag: Administrator Read Only Tag: 57301
  - 2
    - 403.5 ERROR - PLEASE HELP! I have posted this twice with one response, I will try again. When trying to access my bank, I get the following error: >HTTP Error 403 >403.5 Forbidden: SSL 128 required >This error message indicates that the resource you are >trying to access is secured with a 128-bit version of >Secure Sockets Layer (SSL). In order to view this >resource, you need a browser that supports this level of >SSL. >Please confirm that your browser supports 128-bit SSL >security. If it does, then contact the Web server's >administrator and report the problem. Also, I can no longer access my webmail any more and my credit card company web site states that I have an incompatable browser that I need IE5.5 or above with 128 bit. I am using MSIE 6, Win2k pro sp4, Norton Internet Sec. v 2004. Help anyone??? Tag: Administrator Read Only Tag: 57299
  - 3
    - Firewalls Am I correct in believing I don't need to install a software firewall if I am using an ADSL modem router with a hardware firewall? Tag: Administrator Read Only Tag: 57295
  - 4
    - CreateProcessAsUser (error A required privilege is not held by the client) Hello, I want to do something similar but I have problems with CreateProcessAsUser function. It always returns me 1314 error code (A required privilege is not held by the client). What I really want to is give more privileges to current process. I'll explain. I'm developing a service setup and it needs to call net start and other things. It should be able to install the service under no administrator users, so I use, first of all, LogonUser and ImpersonateLoggedOnUser to convert current process to privileged process. This part goes well and let me extract files in Program Files folder and write on LocalMachine registry entry. I tried to use ShellExecute to call "net start service_name" but it didn't go well. I read that impersonate token is not inherit by new processes, so ShellExecute took unprivileged token on its creation. I think that the solution is CreateProcessAsUser to call "net start service_name" but when I execute it, the result is 1314 error code (A required privilege is not held by the client), as I said. I'm very glad if anyone can help me. This is the part of code that I use to do everything: bool ActionsUserAuth(bool bControlActived) { bool bUserAuth = false; TCHAR szUsername[MAXSTRINGLEN]; TCHAR szDomain[MAXSTRINGLEN]; TCHAR szPassword[MAXSTRINGLEN]; HANDLE hToken; HANDLE hAdminUser; //bool bExit = false; //int iTry = 0; ClsTokenPrivileges TokenInfo; bExit = false; bControlActived = true; if (bControlActived) { bUserAuth = (IsCurrentUserLocalAdministrator() == TRUE); bUserAuth = false; if ((bUserAuth) && (bDebugMode)) Log(TEXT("ActionsUserAuth: administrator privileges")); else Log(TEXT("ActionsUserAuth: non administrator privileges")); memset(szUsername, 0, sizeof(szUsername)); memset(szDomain, 0, sizeof(szDomain)); memset(szPassword, 0, sizeof(szPassword)); //while ((!bUserAuth) && (iTry < 3)) //{ if (!DlgUserAuth(szUsername, szDomain, szPassword)) { bExit = true; if (bDebugMode) Log(TEXT("ActionsUserAuth: User authentication dialog failed")); return false; } if (!RevertToSelf()) { if (bDebugMode) Log(TEXT("ActionsUserAuth: Revert To Self")); return false; } // Get the current process token handle... if( !OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken )) return false; if (!SetPrivilege(hToken, SE_TCB_NAME, true)) return false; if (LogonUser(szUsername, szDomain, szPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &hAdminUser)) bUserAuth = true; else bUserAuth = false; /* if (!bUserAuth) { if (!bSilentMode) { MessageBox(NULL, Diccionary->Get(TEXT("IDS_USERAUTH_ERROR")), Diccionary->Get(TEXT("IDS_GEN_CAPTIONERROR")), MB_OK); } } else*/ if (bUserAuth) { if (!ImpersonateLoggedOnUser(hAdminUser)) MessageBox(NULL, TEXT("Inpersonate Error"), TEXT(""), MB_OK); ///////////////////////////////////////////////// if (DuplicateTokenEx(hAdminUser, MAXIMUM_ALLOWED, 0, SecurityImpersonation, TokenPrimary, &hAdminPriv) == 0) MessageBox(NULL, TEXT("duplicate token Error"), TEXT(""), MB_OK); if (!SetPrivilege(hAdminPriv, SE_ASSIGNPRIMARYTOKEN_NAME, true)) { MessageBox(NULL, TEXT("SetPrivilege Error"), TEXT(""), MB_OK); return false; } if (!SetPrivilege(hAdminPriv, SE_INCREASE_QUOTA_NAME, true)) { MessageBox(NULL, TEXT("SetPrivilege Error"), TEXT(""), MB_OK); return false; } TCHAR szRes[MAXSTRINGLEN]; STARTUPINFO si; PROCESS_INFORMATION pi; ZeroMemory( &si, sizeof(si) ); si.cb = sizeof(si); ZeroMemory( &pi, sizeof(pi) ); //my_strcpy(szRes, TEXT("C:\\Archivos de programa\\Inquiero Installable ISD\\prova.exe")); my_strcpy(szRes, TEXT("\"C:\\Documents and Settings\\prova\\Escritorio\\prova.exe\"")); TokenInfo.DisplayInformation(TEXT("C:\\token.info")); if (!CreateProcessAsUser(hAdminPriv, NULL, szRes, NULL, NULL, TRUE, IDLE_PRIORITY_CLASS, NULL, NULL, &si, &pi)) { TCHAR szError[MAXSTRINGLEN]; wsprintf(szError, TEXT("%d"), GetLastError()); MessageBox(NULL, szError, TEXT(""), MB_OK); } ///////////////////////////////////////////////// CloseHandle(hAdminUser); } // iTry++; //} if (!bUserAuth) return false; } return true; } Tag: Administrator Read Only Tag: 57292
  - 5
    - Updates slow down Windows XP & download speeds Hello all: I am having the same issues with Mac OSX. I have high speed cable and contantly acheive speeds of 260k per second download speeds on an unpatched XP pro machine. On my other machine, I installed all of the updates. As with OSX, windows I have found has taken a massive performance hit as a result of all of the security updates applied. On the same cable these speeds dwindle down to only 50-60k per second. I cannot find any threads or support pertaining to this issue. It appears that performance on these platforms is being sacraficed for security. Any ideas...? Thanx. Tag: Administrator Read Only Tag: 57283
  - 6
    - viruses sent using my address I have gotten 2 returned e-mails from sources that received mail containing viruses from someone using my e-mail address. The viruses were intercepted and stopped. I have notified hotmail support, but they have not replied to my request for help. What can I do to stop this? Tag: Administrator Read Only Tag: 57282
  - 7
    - ** READ THIS BEFORE POSTING - answers to frequently asked questions 2004.07.15 Before you post a question to a Microsoft.public.*.security newsgroup, note that your question may already be answered below: Answers to Top Frequently Asked Questions: http://securityadmin.info My question is not mentioned below. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.asp#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.asp#netiquette I just heard about a new Microsoft security patch update. Where can I get the patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I just installed a Microsoft security patch update, and now my computer is having problems. http://securityadmin.info/faq.asp#patchbroke I received an email from Microsoft / Microsoft Support / Microsoft Internet Security Center claiming to be a security patch [or comprehensive Internet Explorer update]. Is this a virus? http://securityadmin.info/faq.asp#microsoftemail ALSO NOTE: www.grisoft.com is free antivirus, USE IT. I received a virus email from a Microsoft email address. Who do I report this to? http://securityadmin.info/faq.asp#microsoftemail I have the RPC Blaster worm "virus," what do I do? http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. My computer is giving RPC Remote Procedure Call messages. There is a TFTP message or file on my computer. My computer keeps locking up, and/or rebooting, or telling me that it will reboot in 1 minute. http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. Where can I download the Blaster worm / RPC DCOM patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I want to replace this file. http://securityadmin.info/faq.asp#jdbgmgr I forgot my Windows logon password and can't log in. How do I reset it? http://securityadmin.info/faq.asp#password I have a problem or a question with a virus or with antivirus. http://securityadmin.info/faq.asp#virus NOTE: www.grisoft.com is free antivirus, USE IT. Why is Outlook Express blocking my attachments as "unsafe"? http://securityadmin.info/faq.asp#attachments How do I stop getting pop-up messages? Or adware? Or spyware? http://securityadmin.info/faq.asp#pop-ups How do I block people from viewing adult or objectionable content on a computer? http://securityadmin.info/faq.asp#contentfilter How do I block spam emails? http://securityadmin.info/faq.asp#spam There is a Content Advisor password blocking me from certain web sites. http://securityadmin.info/faq.asp#contentadvisor How do I delete an FTP folder that a hacker put on my computer and I cannot delete? http://securityadmin.info/faq.asp#ftpfolder Have I been hacked? What do I do if I've been hacked? http://securityadmin.info/faq.asp#hacked How do I re-secure a computer that has been hacked? http://securityadmin.info/faq.asp#re-secure How do I test or improve the security on my computer to avoid being hacked? http://securityadmin.info/faq.asp#harden How do I investigate a suspicious IP address that may be trying to hack me? http://securityadmin.info/faq.asp#trace How do I report a hacker? http://securityadmin.info/faq.asp#reporthacker How do I use a port scanner or vulnerability scanner to test my security? http://securityadmin.info/faq.asp#portscanner How do I encrypt my files and/or hard drive? http://securityadmin.info/faq.asp#encryption How do I get a firewall? IDS? http://securityadmin.info/faq.asp#firewall I want to use the IPSec filtering or IP filtering feature of Windows to block certain ports and have a problem or question. http://securityadmin.info/faq.asp#ipsec I have a problem or question with the XP ICF firewall. http://securityadmin.info/faq.asp#icf I have a problem or question with the IIS URLScan tool. http://securityadmin.info/faq.asp#urlscan How do I change the banner on my computer or server to hide what software version I'm using? http://securityadmin.info/faq.asp#banner How do I enable Windows Auditing to tell who logged into Windows or who accessed a file? http://securityadmin.info/faq.asp#auditing How do I inspect and disable programs that start up when Windows starts? http://securityadmin.info/faq.asp#startup How do I use RUNAS or let someone use RUNAS to run commands as administrator without having to type the password? http://securityadmin.info/faq.asp#runas How do I let non-administrator users run Defrag or change their IP address? http://securityadmin.info/faq.asp#runas My question is not mentioned above. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.asp#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.asp#netiquette Note that this is NOT a full list of all the questions answered in the FAQ. Chances are, your question has probably already been answered. The complete FAQ is at: http://securityadmin.info/faq.asp#contents I hope this is helpful. Feedback, suggestions and criticism regarding the FAQ are welcome and may be emailed to me. kind regards, Karl Levinson, CISSP, MCSE, MVP email: levinson_k@despammed.com Tag: Administrator Read Only Tag: 57277
  - 8
    - What is a valid digital certificate for a file? Hi. When I checked the digital certificate for file "EXCEL.EXE", I saw "Valid from 3/29/01 to 5/29/02". Today is 7/14/2004. If it is a certificate on Apache server, it will say "This certificate has expired." But Windows told me "This certificate is OK." How can it be possible to be OK? After I renamed the file "EXCEL.EXE" to "EXCEL123.EXE", it still says "This certificate is OK." The certificate protects software from alteration after publication. If the filename is changed, is that an alteration? If I signed a DLL with a certificate and renamed it, the DLL file's certificate will be OK, but there is no way to use it as before. Please let me know the true meaning of digital certificate. Thank you, Tag: Administrator Read Only Tag: 57276
  - 9
    - HELP CAN ANYONE HELP ME .. I GOT HIJACKED BY A DEMON AND IT HAS TAKEN CONTROL OF MY MACHINE and i cant download anything and i am very slow and can barley do anything at all any help to find a way to free me???? Tag: Administrator Read Only Tag: 57260
  - 10
    - Difference Concerning MS, define exactly what is the difference between critical security issues and non-critical security issues in reference to updates? When is this difference determined? What factors determine the difference? Who makes the final decision on which is critical and which is non-critical security issue? Tag: Administrator Read Only Tag: 57259
  - 11
    - Security Update CD I see the last one of these was released in Feb. Are these released on a set schedule(ie quarterly)or just whenever they feel like it? Tag: Administrator Read Only Tag: 57254
  - 12
    - DOS Exploit Using Spybot Search and Destroy, I have repeatedly encountered what is labeled a Data Source Object Exploit. The fix temporarily removes the DOS Exploit, but it returns, despite my attempts to manually remove it in the Registry at: HKEY USERS\Default\Software\Microsoft\Windows\Current Version\Internet Settings\Zones. There are four Zones in mine. The 1004 value highlights and I have removed all four several times without success. Based on information provided by Spybot S & D, I understand that a security hole in Internet Explorer is allowing websites to execute code without my permission. Today, I had to remove a trojan horse: Download/Ware. I do not know if there is a connection. I do know, however, that I have had to remove considerably more adware and spyware since I discovered the problem with the DOS Exploit. On article I read suggested renaming the 1004's to 1003's. I am wondering if the zones may safely be deleted in there entirety? Is there a fix, other than going to a different browser? My system information follows. Thanks! tJp Operating System Windows 98 SE (4.10.1034.2222) Internet Explorer 6.00.2800.1106 MSN Client 9.00.0013.2101 MSN SKU MSN 9 Dial-up Default E-mail Program MSN Explorer Amount of Memory 319 MB Free Disk Space C: 8.23 GB Tag: Administrator Read Only Tag: 57253
  - 13
    - Firewall Program Disabled After Security Updates I am posting this here because I do not know where else to post, and wanted this to be seen by Microsoft's Tech Support. Today, Wednesday, June 14, 2004, I downloaded the new security updates that I get via IE Browser updates. After I finished with the updates, and rebooted, I happened to look inside my McaFee Firewall listings for "Manage programs you access on the Internet", and I noticed this: Microsoft Help Center Hosting Server [5.1.26000.0 Blocked I never did it, and I removed the this whole listing. This is for your information, but I wondered if it was part of the security updates, and if I should have left it there. I think its the automatic updates I get notified about on my PC with a popup balloon window. Tag: Administrator Read Only Tag: 57249
  - 14
    - Password problem I have windows 2000 professional and tried to change user name and password. After posting the new details of user name and password I found that the system on entry showed the old password and prompted me to input a password but I do not know the old password. I have tried with the new ones but cannot get access to my computer. Can anyone help me. My e-mail is fitzbrown@aol.com. All help will be appreciated. Regards, Michael Brown Tag: Administrator Read Only Tag: 57248
  - 15
    - COM Services Error System: WinXP Does anyone have any ideas on this situation? Problem: I am trying to edit default COM sercurity, I have the appropriate users in the Access Permissions, but when I try to edit the Launch Permission Users by going to Run-->dcomcnfg-->component services-->computers-->right click my computer (properties)-->default COM security tab-->edit default under Launch Permissions. When the window pops up I do not get the ability to add users to this sections, the only thing that shows up on the window is "Unable to display security information". Any assistance would be great, I have done research on google groups and support.microsoft.com to no avail. Thanks Jim Tag: Administrator Read Only Tag: 57247
  - 16
    - PDA security Hello, Is anyone familiar in terms of the security risk when you use PDA to synchronous your email in a financial institition environment, like bank or insurance company? need your guidance on this. thanx Tag: Administrator Read Only Tag: 57243
  - 17
    - Using software restriction policies to prevent virus and malware - Microsoft Response needed Will using software restriction policies help to prevent virus and malware from getting on Windows XP professional machines? Let say I know the name of the executable to the virus or malware, can I use a path rule to disallowed this executable from being run on the local machine. Will this prevent virus and malware that are started by the registry? The documentation is very vague in describing how exactly this works. -- Eric Sabo NT Administrator Tag: Administrator Read Only Tag: 57242
  - 18
    - securing client POSTs This is a multi-part message in MIME format. ------=_NextPart_000_0056_01C46995.9DCE19B0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hi someone could send to my server invalid or malicious POSTs packets THEN: i go to validate "every" field i will get with "Request".Form or Cookie does it is appropriate ?=20 and... if an attacker append to the post=20 "MyField" with its value (surely a value that can break the service) is the web server (IIS) capable to ignore the field? or could it be dangerous? thanks --=20 atte, Hern=E1n Castelo SGA - UTN - FRBA ------=_NextPart_000_0056_01C46995.9DCE19B0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ebf3fc> <DIV><FONT face=3DArial size=3D2>hi</FONT></DIV> <DIV><FONT face=3DArial size=3D2>someone could send to my = server</FONT></DIV> <DIV><FONT face=3DArial size=3D2>invalid or malicious POSTs = packets</FONT></DIV> <DIV><FONT face=3DArial size=3D2>THEN:</FONT></DIV> <DIV><FONT face=3DArial size=3D2>i go to validate "every" = field</FONT></DIV> <DIV><FONT face=3DArial size=3D2>i will get with "Request".Form or=20 Cookie</FONT><FONT face=3DArial size=3D2></FONT></DIV> <DIV><FONT face=3DArial size=3D2>does it is appropriate = ? </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>and...</FONT></DIV> <DIV><FONT face=3DArial size=3D2>if an attacker </FONT><FONT = face=3DArial=20 size=3D2>append to the post </FONT></DIV> <DIV><FONT face=3DArial size=3D2>"MyField" </FONT><FONT face=3DArial = size=3D2>with its=20 value</FONT></DIV> <DIV><FONT face=3DArial size=3D2>(surely a value that can break the=20 service)</FONT></DIV> <DIV><FONT face=3DArial size=3D2>is the web server (IIS)</FONT></DIV> <DIV><FONT face=3DArial size=3D2>capable to ignore the = field?</FONT></DIV> <DIV><FONT face=3DArial size=3D2>or could it be dangerous?</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>thanks</FONT></DIV> <DIV><FONT face=3DArial size=3D2><BR>-- <BR>atte,<BR>Hern=E1n = Castelo<BR>SGA - UTN -=20 FRBA<BR></DIV></FONT></BODY></HTML> ------=_NextPart_000_0056_01C46995.9DCE19B0-- Tag: Administrator Read Only Tag: 57240
  - 19
    - Blasted homepage hijaker (about:blank) How the hell do you get rid of the Homepage hijacker "about:blank" It's driving me nuts. antivirus software doesn't detect it either. Any solutions? Tag: Administrator Read Only Tag: 57235
  - 20
    - Please Help I am trying to open an attachment of 10.0 KB but a message keeps coming up saying "Can not load Word for 2.0 files". What does this mean and how can I get around it? Tag: Administrator Read Only Tag: 57225
  - 21
    - Rogue/Suspect Anti-Spyware Products & Web Sites http://www.spywarewarrior.com/rogue_anti-spyware.htm ~Silj -- siljaline MS - MVP Windows (IE/OE) AH-VSOP ________________________________ Anti-Parasite Definition Updates http://forum.aumha.org/viewforum.php?f=31 (Reply to group, as return address is invalid - that we may all benefit) Tag: Administrator Read Only Tag: 57216
  - 22
    - bridge.dll HELP! I was was cleaning up a pc for a friend and got everthing in order, except when Adaware removed some things, it did not totally get rid of bridge.dll. I also ran a scan with Spybot, it removed a bunch of stuff too, but not the bridge.dll. The pc is a Sony Viao running XP.When you log on as one of the users, you get a rundll error message stating that it can't find bridge.dll. I did find one web site through a Google search advertising a bridge.dll removal tool. When you access the web site you download the the product and you could do a free scan, but then you would have to pay to use the cleaning tool. Does anyone have any recommendations? Thank you for your help!! Tag: Administrator Read Only Tag: 57208
  - 23
    - Lost URL line I've messed up one of my settings and my URL is gone. When ever I use Internet Explorer I get the page requested but with no URL line to type in another web page. Help? Tag: Administrator Read Only Tag: 57207
  - 24
    - Firewalls I was just wondering how the current Windows XP Pro firewall compares to third party firewalls like McAfee? Also, how will the updated firewall in SP2 stack up to third party firewalls? Thanks Tag: Administrator Read Only Tag: 57203
  - 25
    - Bank Frauds There is a new scam out there now. Be very careful when your bank emails you purporting to be you bank's security office and asking you to verify information regarding your account. They look very real but you are playing into their hands by responding in any way. No bank will ask you for your private information in response to their request. You can call your bank at the number shown on your statement if you want to check. Don't do anything on line in response to their request. -- Regards, Werner quincey.nyc@nospam.verizon.net Remove "Nospam" when e-mailing --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.718 / Virus Database: 474 - Release Date: 7/9/2004 Tag: Administrator Read Only Tag: 57195
- Next
  - 1
    - homepage hijacking my home page is hijacked daily. A program I have recently downloaded-SPY SEEKER- alerts me to the hijacking and allows me to revert to my original homepage.....how can I stop this hijacking in the first place....the hijacker is below http://search200.com/passthrough/index.html? http://www.google.com.au I am a novice and hope this prob is not to basic for u guys.... rgds Michael Tag: Administrator Read Only Tag: 57193
  - 2
    - Scanning tool for KB870669? Hi there, I am just wondering if anyone knows if Microsoft has released a scanning tool to confirm if kb870669 has been installed successfully yet on all network pc's? I am aware you can check add/remove programs but this is to be done remotely. Any help would be appreciated. Regards DOCNZ Tag: Administrator Read Only Tag: 57191
  - 3
    - Deleting attachments All emails with attachments have the attachments deleted. HELP!! Tag: Administrator Read Only Tag: 57188
  - 4
    - cyberkrn Hi when I boot up my computer I get the message: C:;PROGRA~1\CYBERM~1\CYBERKRN.VXD I then have to press any key to continue. I figure its a file missing but I'm having trouble identifying where the problem lies. many thanks Tag: Administrator Read Only Tag: 57181
  - 5
    - DCOM error message "Access denied attempting to launch a DCOM Server using DefaultLaunchPermssion." I got this error message in the event viewer when I tried to open up a RoboHelp help window inside my application. The story is that I integrate the RoboHelp Context Sensitive Help API to our shop's Visual Studio C# .net application. All users become 'anonymous' after they login in our application. When the user clicks on the 'help' buttom, the DCOM error message showed up in the event viewer. Any help would be appreciated. Kathy Tag: Administrator Read Only Tag: 57180
  - 6
    - Trusted Root CA question Let's say I have certs being Issued by 'TheCompany'. Then I have said 'thecompany' in my list of Trusted Root CAs. Regardless of who it was issued to, as long as it was issued by 'thecompany' it will not popup the security warning because I trust the root correct? Thanks Tag: Administrator Read Only Tag: 57179
  - 7
    - Can't remove spyware with adaware or spybot I recently had some problems with spyware (hijacked browser settings, virtual memory too low, and other general malfunctions) and I've used spybot and adaware to fix them. These two always find datamining and other programs, but the problems are unaffected. I am really at my wit's end here, can anyone offer some advice?? Tag: Administrator Read Only Tag: 57170
  - 8
    - missing dll file I have a problem with a program missing a dll file. The name of the file is MCUTILS.DLL. Is there anyway to download just this particular dll? Tag: Administrator Read Only Tag: 57167
  - 9
    - Updates under different users? Hi. Please forgive my ignorance in asking this question! I logged in as Administrator and applied all critical updates at windowsupdate.com but then I logged out and logged back in under another user name (who doesn't have Administrator rights/not in Administrator group). Stupid question: do these updates apply to Windows 2000/IE/Outlook/etc. as a whole? In other words, it doesn't matter under what user name I log into, my whole operating system should be okay and I don't have to go to windowsupdate.com again as another user, right? Tag: Administrator Read Only Tag: 57165
  - 10
    - Cydoor Hello When I type something into my address bar it keeps pre- empting me with stuff that I havent authorised to be there. I've used spybot, cwsshredder, adaware (all updated)and norton antivirus but they don't shift it. However, every time I use adaware it keeps throwing up the cydoor name. Is it related? Does anyone have any suggestions? many thanks B Tag: Administrator Read Only Tag: 57160
  - 11
    - Re: Base Line Security Analyzer Indeed - I seem to have gone backwards with 835732... There seems to be some confusion about the version number. I do have the most recent directx. ----------------------------- Score IssueResult Check failed (non-critical)Windows Security Updates3 security updates are out of date or could not be confirmed. Security UpdateDescriptionReason MS04-011Security Update for Microsoft Windows (835732)File version is greater than expected. [C:\WINNT\system32\umandlg.dll, 1.0.0.5 > 1.0.0.4] MS03-030Unchecked Buffer in DirectX Could Enable System Compromise (819696)Please refer to 306460 for a detailed explanation. MS04-016Vulnerability in DirectPlay Could Allow Denial of Service (839643)Please refer to 306460 for a detailed explanation. Check failed (non-critical)MSXML Security Updates1 security updates are out-of-date. Security UpdateDescriptionReason MSXML 3.0MSXML 3.0 SP3The latest service pack for this product is not installed. Currently SP3 is installed. The latest service pack is SP4. Tag: Administrator Read Only Tag: 57159
  - 12
    - Security Bulletins for July 04 13 July 2004 Today Microsoft released the following Security Bulletins. Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summaries: http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx Critical Bulletins: MS04-022 - Vulnerability in Task Scheduler Could Allow Code Execution (841873) http://www.microsoft.com/technet/security/bulletin/ms04-022.mspx MS04-023 - Vulnerability in HTML Help Could Allow Code Execution (840315) http://www.microsoft.com/technet/security/bulletin/ms04-023.mspx Important Bulletins: MS04-019 - Vulnerability in Utility Manager Could Allow Code Execution (842526) http://www.microsoft.com/technet/security/bulletin/ms04-019.mspx MS04-020 - Vulnerability in POSIX Could Allow Code Execution (841872) http://www.microsoft.com/technet/security/bulletin/ms04-020.mspx MS04-021 - Security Update for IIS 4.0 (841373) http://www.microsoft.com/technet/security/bulletin/ms04-021.mspx MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx Moderate Bulletins: MS04-018 - Cumulative Security Update for Outlook Express (823353) http://www.microsoft.com/technet/security/bulletin/ms04-018.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. Tag: Administrator Read Only Tag: 57157
  - 13
    - Base Line Security Analyzer I recently used the tool to analyze my computer and when it was done it said I had patches that needed to be patched that I had already out on my computer is this normal. I do not know if I am secure or not. Tag: Administrator Read Only Tag: 57156
  - 14
    - cant reinstall norton securtity One day my Norton Internet Security 2004 package was there then the next day it had gone. When i tried to click on the icon on the desktop it told me there was an error and that i need to uninstall norton then reinstall it. So thats what i did, uninstalled it however when i put my disk in to reinstall, it would get so far then tell me there was an error 1722, a problem with Windows Installer Package, how do i resolve this? Please help!! Tag: Administrator Read Only Tag: 57153
  - 15
    - Can have a CA that is accepted by default in browsers? How can I, instead of self-signing the certs for each server, have them signed by a CA that is accepted by default in browsers. Non AD environment currently as well. Thanks. Tag: Administrator Read Only Tag: 57152
  - 16
    - WMP Why is it that all music uploaded to windows media player is protected, but all other music isn't? I cannot access it at all! Tag: Administrator Read Only Tag: 57147
  - 17
    - "Trial Version of Delphi"....Help! i used to have windows 98, when entering "my computer" or any other places on my pc, an error message would appear saying Error "Trail version of Delphi has expried" but was able to use my pc to an extent. I decided to upgrade to xp hoping this would solve the problem but now i cannot see my harddrive or enter the control panels?? Any ideas would be much appreciated.! Do i have a virus??? Tag: Administrator Read Only Tag: 57144
  - 18
    - About EventComboMT I want to know the ways to customize the outeput files of eventcombMt. Suppose i want to know the total number of occurances of an event in each machine... Tag: Administrator Read Only Tag: 57140
  - 19
    - remove res://cooup.dll/index.html#37049 res://cooup.dll/index.html#37049 This is my current internet explorere homepage, annoyingly, no spyware programmes recognise it. Does anyone know how to get rid of it? Thanks Rachel PS. Someone suggested using Netscape instead of internet explorer, does Netscape really have fewer pop ups and sypware downloads? Tag: Administrator Read Only Tag: 57138
  - 20
    - MS04-11 for NT4 Applied patch to multiple systems. All installed correctly. However, a number of Elonex Prosentia / DG Aviion clients on reboot have developed errors causing the keyboard, video, mouse and DHCP services to fail, e.g.: Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7026 Description: The description for Event ID ( 7026 ) in Source ( Service Control Manager ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: Kbdclass Mouclass msi804 Grateful for any assitance. Tag: Administrator Read Only Tag: 57137
  - 21
    - Host-based security Hello, at present I write my diploma thesis with the topic "host- based security". The emphasis is situated however not on the clientprotection but the protection of the servers in a network environment. Can you recommend some sources to me, where I can find material? For example Microsoft-Security-Guru Steve Riley held a lecture on "Death OF the DMZ", that deals with this topic. The slides I have about this presentation are not informative because Steve just says, that he does not use any slides during his lecture... Unfortunately I did not hear the lecture. If you have any usable information I would be very grateful!! Tag: Administrator Read Only Tag: 57131
  - 22
    - certificate and smartcard Hi, I am currently working on a project using smartcards for authentication. Everything work fine but I have to automate the process and I wonder if you can advise me. Here is the list of the tasks I would like to automate : * Generate a user certificate * Copy this certificate on the smartcard * 'DUMP' smartcard data (serial number, ... so I will be able to store the data in a database for admin purpose) * copy the user certificate in the AD account (certificate mapping). I you can advise me that would be great. Best regards FE Tag: Administrator Read Only Tag: 57129
  - 23
    - non-encrypted cookies When I visit some websites they use cookies to find out what I am interested in and even record my passwords. Those cookies are mostly non-encrypted cookies. Who can see those cookies except myself? webmasters of the websites? Tag: Administrator Read Only Tag: 57128
  - 24
    - will nortan's stop a virus through messenger so if we both have nortans installes does it scan our post? So therefore we should n't get a virus? Is that right Tag: Administrator Read Only Tag: 57124
  - 25
    - Slow login Hi! guys, my problem is this..we have a w2k server 2000 and 5 client running w2k pro.. when the other client login its very slow its almost 20 mints before he going to desktop..but the other client its working fine..and their is no error in my events log. any idea guys?? Many thanks, Joey Tag: Administrator Read Only Tag: 57122

Is there a way to give a user all the priviliges to look
at anything an Administrator can see, but prevent him from
making any changes. In my case, we're hiring a security
guy whose job will be to look for security flaws, but not
to change anything. Among other things, he'll need to run
MBSA on the domain, see group policies and event logs, and
audit file and folder permissions.

Top

Re: Administrator Read Only by Banana

Banana
Thu Jul 15 22:35:39 CDT 2004

You could put him in a new group and assign readonly to all resources for
that group. That's a messy way though, admittedly.

I think really this comes down to a trust issue. Security
consultants/engineers shouldn't be allowed inside an organisation without
prior establishing that this is a trustworthy and ethical person. By nature
of their role they need to have a certain level of access, esp with MBSA
requiring remote registry access.

Ensure this person has established that trust and to make doubly sure enable
auditing (as well as checking audit logs) and make it clear that he is
accountable for any actions he may undertake, esp if he causes any damage.

HTH

"Toby Richards" <anonymous@discussions.microsoft.com> wrote in message
news:2db1801c46a7e$651eaff0$a501280a@phx.gbl...
Is there a way to give a user all the priviliges to look
at anything an Administrator can see, but prevent him from
making any changes. In my case, we're hiring a security
guy whose job will be to look for security flaws, but not
to change anything. Among other things, he'll need to run
MBSA on the domain, see group policies and event logs, and
audit file and folder permissions.

Top