Comments on: Preventing Malicious Documents from Compromising Windows Machines http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/ (blog 'DidierStevens) Sat, 11 Feb 2012 16:16:49 +0000 hourly 1 http://wordpress.com/ By: Didier Stevens http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-38966 Sun, 20 Jun 2010 18:49:00 +0000 http://blog.didierstevens.com/?p=1762#comment-38966 @dlimanov I like to have this type of software running on my systems for a couple of months before I release it. Hope to post it this month.

]]> By: dlimanov http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-38940 Sun, 13 Jun 2010 19:24:05 +0000 http://blog.didierstevens.com/?p=1762#comment-38940 I am also very interested in LowerMyRights.dll, is there any progress on it?
Thanks!

]]> By: Didier Stevens http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-38424 Wed, 05 May 2010 10:43:07 +0000 http://blog.didierstevens.com/?p=1762#comment-38424 @Drewfus Will be posted this month.

]]> By: Drewfus http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-38418 Wed, 05 May 2010 00:03:29 +0000 http://blog.didierstevens.com/?p=1762#comment-38418 “That’s why I developed an alternative, LowerMyRights.dll, to be presented in an upcoming blogpost.”

Any update on this, Didier?

]]> By: Michael Lim http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-36039 Wed, 28 Oct 2009 10:33:46 +0000 http://blog.didierstevens.com/?p=1762#comment-36039 I used to use http://sudown.sourceforge.net on my shared machine at home, but I had hard time when installing most of the programs. In the end I lost track of which users installed this program and that programs.

]]> By: Preventing Applications From Starting (Malicious) Applications « Didier Stevens http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-35862 Mon, 05 Oct 2009 00:02:37 +0000 http://blog.didierstevens.com/?p=1762#comment-35862 [...] Software, PDF, Vulnerabilities, bpmtk — Didier Stevens @ 0:00 Another very effective way to prevent malicious documents from infecting PCs, is to prevent vulnerable applications from starting other applications. As almost all shellcode [...]

]]> By: Didier Stevens http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-35860 Sun, 04 Oct 2009 10:27:39 +0000 http://blog.didierstevens.com/?p=1762#comment-35860 @krazykatfelix

Thanks! To restrict the rights of explorer.exe and all the programs it starts, it’s even better to create an Image File Execution Options for explorer.exe This way, explorer.exe will never start with full rights.

]]> By: krazykatfelix http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-35859 Sun, 04 Oct 2009 09:09:51 +0000 http://blog.didierstevens.com/?p=1762#comment-35859 Hello,

No comment

start taskkill /IM explorer.exe /F
c:\DropMyRights\DropMyRights.exe “c:\windows\explorer.exe ”

not so bad !

]]> By: Machine Manufacturing http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-35843 Tue, 29 Sep 2009 10:50:52 +0000 http://blog.didierstevens.com/?p=1762#comment-35843 Thanks for sharing this important information. This article is very useful and can help anyone who wants to protect his/her PC from malicious documents and viruses.

]]> By: Didier Stevens http://blog.didierstevens.com/2009/09/27/preventing-malicious-documents-from-compromising-windows-machines/#comment-35838 Mon, 28 Sep 2009 18:03:54 +0000 http://blog.didierstevens.com/?p=1762#comment-35838 @kurt wismer
Neither do I had real issues running as a non-admin on XP. Except when developing COM and ActiveX components with VS6.

]]>