Alex, it would be interesting to hear some real-world comments on whether a low-privilege user account (Limited or Restricted-User class) helps in common scenarios. I've read comments claiming the exploit gets SYSTEM-level privilege, comments claiming it gets current-user privileges... maybe both are technically true, but what's the straight scoop for someone who ________________ (gets an email with an exploit, web page with malicious banner ad, has a malicious file arrive via P2P and get indexed by Google Desktop, whatever seems realistic)?
mechBgon | 12.31.05 - 1:02 am | #

Running in Limited User Mode may help, but I absolutely wouldn't rely on it as a valid mitigator for this exploit.

However, I do like this new patch http://sunbeltblog.blogspot.com/ ...guilfanovs.html

Of course, a billion caveats, and you MUST uninstall it before installing the patch from Microsoft (whenever that comes out).
Alex Eckelberry | Homepage | 01.01.06 - 5:44 pm | #

Any ideas why the software-enforced DEP will not work?
cci[RR]us | Homepage | 01.07.06 - 4:17 am | #