

August 2005 Microsoft Security Updates Windows XP

By zczc2311

For those of us who have utilized all or part of the Guide for Securing Microsoft Windows XP by the Operational Network Evaluation Division of the Systems and Network Attack Centre (SNAC), December 1 2003, Unclassified - an NSA publication: have the latest round of Microsoft Security Updates thwarted your ability to endeavor to secure not only the Local Services Account but, more importantly, the Administrator Account?

After applying the updates detailed in
You may suddenly find yourself in a position of NOT being able to MAP Network Drives or Share a Printer.

Efforts to secure the Administrator Account should now be made with absolute caution, and about the only account that it is possible to secure is the "Anonymous Login" account.

Perhaps the only real defense of the "Administrator" account may remain in a complex password, totally exempt from dictionary/Hex/Octal attacks. This should be extended to "Workgroup" names and "Full Computer Names".

Whilst today's security updates DO go to extensive efforts to disable unnecessary services and offer more constraints to the Local Services Account, the inherent issue of running some services under less privileged accounts will have to wait for the new Windows O/S. The never-ending problem of most users (especially running Legacy Applications) needing to log on with Administrator privileges just to function, I am led to believe, will be overcome.

Perhaps a workaround setup for some clients may be to have two accounts, an LUA and an Administrator. The LUA account is temporarily changed to an Administrator Account whilst the user is configured and set up. Then the same account is changed to an LUA. There are very, very few applications (legacy ones excluded) which will not operate with full functionality under an LUA.

The "Run As" command will get you past any applications that demand Administrator Account privileges.

Are we no longer free to establish security principals of our own without effecting updates which render them useless? Yes, I read the disclaimers and recommendation of backing up your system; however, these latest changes are wide-sweeping and should be applied with some degree of caution.

Perhaps the greatest security tool at present still remains the termination of Ports 137-139 and 445 at the perimeter of the network, as well as big question marks over 88, 389.
