HomeInformation Security

Use Limited User Account on Windows

voyageur | December 2, 2008 - 1 year 34 weeks

We found some good information in http://www.psychocats.net talking about using limited user on Windows. Below are some excerpts:

The default user for Windows Vista is a limited user. But on Windows XP, the default user (the #1 user) is the administrator user.

Windows allows you to make it more secure by creating limited user accounts and using the Run As... option to run only particular tasks or programs as administrator (similar to the su feature in most Linux distributions). Run As... is crippled in its implementation, though. If you use Run As... to install Windows Updates, the updates do not install properly. Also, you have to find the particular launcher files (extension of *.cpl) for Control Panel applications in order to use the Run As... option on them. The way to run Explorer (the file browser) as administrator from within a limited user account is extremely complicated.

Unfortunately, in addition to Run As... being crippled, many third-party (not Microsoft) software companies design their applications to be run as administrator (since that is the Windows default, which is Microsoft's fault). Here is the<!--

--> Hall of Shame for programs that need to be run as administrator in Windows in order to function properly.

The administrator account in Windows has access to almost everything on the system, so if it gets compromised, the entire system is compromised. And if you’ve ever had to clean malware off a Windows computer, you know how difficult it is to get all the junk out of the registry and all the reappearing programs and .dll files out of system directories.

A limited user account, on the other hand, has access only to its own account and very few system directories. I don’t know of any Windows malware that targets limited user accounts, but if the limited user account got compromised, cleaning up the malware would be a lot easier, as you could create another account, and one by one quarantine and examine user files you copy over from the compromised account to the newly created account and then delete the compromised account.