So, in the last article I detailed a solution to getting a legacy application to run under a limited user account in XP. This legacy application wasn’t working correctly without administrator priviliges and in this situation, upgrading to a newer version wasn’t a great option. So, I created a new user account with higher priviliges and used runas to launch the application with greater priviliges. But that left me with another problem…. how do I hide the new priviliged user from the Welcome screen?
Category: Windows Software
-
Windows Run as to let a legacy program run in XP limited user mode
Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program didn’t work well without administrator priviliges. Giving the account full administrator priviliges all the time was not an option and try as I might, I couldn’t find the right program directory to give expanded permissions that would solve the issue.
-
Sun java update process vulnerable
The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy the version of the JRE to use in dealing with java components on the page. Sun’s advisory here on the issue. The story is from the SecurityFix and I’m bothered by the same point that get’s Brian about this update….
-
Virtual Machine of a real hard drive
This incidents.org article the other day caught my eye. It talked of a utility calledliveview that could take a hard drive (or image of a drive) and make it into a virtual machine for use in vmware (saving all changes to a temporary file so the original structure of the disk/drive image is not touched.) It looks like you need to have Windows as your base platform, but it looks as though it would be a useful tool. Windows Incident Response possibly saw the same note on Incidents.org.
-
DEP incompatibilities HP Deskjet 5550 printing blank pages
I had a frustrating morning last week. I had setup a new pc, transferred data and gotten everything in fairly nice shape. I had got the old printer attached and setup (HP Deskjet 5550). In fact I had done a test page through the printers software at the end of the install process (Some sort of deskjet toolbox software, not Windows test page pattern.) Then we were making sure everything worked and they went to print out a UPS label from Worldship. The printer had come unplugged in the last rearrange, so I plugged power back in and the printer loaded a page, ran the head back and forth twice and spit out a blank page. Oh, we were using a parallel cable – I’ve seen some parallel cable based printers get “flustered” when power is lost and back on (especially if it was in the midst of a job when the power was pulled) – so reboot…
-
Intel Proset Wireless update
A couple weeks back, there was a pretty important security update for the Intel Proset Wireless driver. The big problem is that the update was a memory hog and caused porblems. Sans has info on the update to the update, also George Ou is encouraging everyone to make sure they’ve got things updated. It’s possible to JUST download and install the driver without getting the full proset management software. So…. CENTRINO users – this means you… update your wireless driver.
-
IE7 will have many css fixes
They’re doing what they can at Microsoft to put to rest the notion that IE7 won’t make drastic strides in CSS compliance. One of the fronts they’re pushing is this detailed listing of CSS fixes that will be found in Internet Explorer 7 when it is released.
-
More Microsoft Patch problems MS06-042
This has been one of the “problem child” patches this time around and it looks as though it’s worse than initially thought. Apparently, instead of “just” crashing IE SP1 when viewing compressed http 1.1 web pages on WinXP SP1 or Windows 2000 SP4…. as stated in Microsoft’s bulletins, this could also lead to a buffer overflow allowing for code execution. Microsoft is saying that they are not aware of that vulnerability being exploited or impacting customers at this time. The issue that was originally reported is detailed in this knowledge base article.
-
Powerpoint vulnerability (August 2006)
I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ over at securiteam.com.
-
Encrypting wireless traffic
Incidents.org has been running their security tip a day this month and I really liked this one. It’s essentially a way to encrypt your wireless traffic using ssh. That’s something I’ve covered here before, but it’s worth reminding that it’s possible and a good idea.