Shane Nokes, on 03 November 2012 - 03:34, said:
Doubtful since that same malware/virus could just invoke an admin CMD session since it would be prompted for credentials either way (in your scenario). So either way is more or less the same level of secure.
Touche, Shane. Good point. Although, behind my firewalls/security, I've never had that happen, nor do I allow my users to run in an admin space to begin with, and trust me...if you don't know my password, which is over 19 characters long, is nearly impossible to be cracked....I don't allow admin privelages on ANYTHING, except explicitly a very FEW things, most everything my users do is "in the cloud", I've steered them away from local accounts...so meh, never had any problems. It's bad admins that let/allow the bad stuff to get by, which I will not approve unless I'm physically there to see what they are doing.
So I am not worried. Microsoft has taught me well, when it comes down to being secure....that and previous experiences....so in other words, "I got this" on my end. Not too worried. (Scanned all my machines personally with various scanners/rootkit revealers/etc...there is no PEBKAC happening here!
) Need I say, Budman, GroupPolicy...etc...self explanitory. I'm not saying it couldn't happen to someone else, it's just never happened to ME, on my domain/network. Not going to either.