I decided to do something a bit different this week. Rather than an essay on an InfoSec principle, I wanted to review and recommend a free product I’ve been using for a couple years.
Windows XP is still the most popular Operating System out there. And we still have way too many people running with administrative rights all the time. Drop My Rights is a free Windows XP utility offered by Microsoft that allows you to be logged into your computer as an administrator but run some programs with reduced privileges. I first heard about Drop My Rights on Steve Gibson’s Security Now! Podcast several years ago. Credit goes to Steve and Leo for introducing this to me.
Many of us get used to the convenience of always running our computers as administrator. Of course you need admin rights for things like installing applications and changing network settings, but you also need them for little things you wouldn’t think of. For instance, I’ve developed a habit of double clicking on the system clock to pull up the calendar. I use that to quickly scan forward or backward to look at dates. That activity is actually unavailable for standard users.
Drop My Rights lets me continue running as an administrator while running high risk programs like Internet Explorer, Firefox and Outlook with reduced rights. Below, I will give a brief explanation of how to configure Drop My Rights and resources if you’re looking for more information.
Download the installer for Drop My Rights from: http://download.microsoft.com/download/f/2/e/f2e49491-efde-4bca-9057-adc89c476ed4/dropmyrights.msi
Go through the install process. I recommend you select defaults except to change the install path to something easier to remember, because you’ll need to use it later. For the purposes of this article I will use c:dropmyrights.
Next, you will need to edit shortcuts that will open your high risk applications through the Drop My Rights context. I am going to set up Firefox. Right click on shortcut and select Properties.
Once you’re in the Properties Windows, in the Target field move your cursor all the way to the left and enter: C:dropmyrightsdropmyrights.exe
Change the “Run:” field to “Minimized” so that you don’t need to see Drop My Rights pop up whenever you use that shortcut.
And, Bingo, you’ve got Drop My Rights configured for that shortcut. For some programs (like Internet Explorer) you will need to go find the Icon again so the shortcut looks like, but Firefox doesn’t lose its appropriate Icon.
Firefox instances started from that shortcut will not have administrative rights. If a piece of Malware tries to perform an installation it will fail due to insufficient privileges. I recommend editing all your commonly used shortcuts in this way, then if you really need to run Firefox (or IE, etc) as an administrator you can go to the shortcut under Start/Programs and intentionally run with elevated privileges.
You can find more information about this tool, including technical details and options for switches here: http://msdn.microsoft.com/en-us/library/ms972827%28printer%29.aspx
Connect with Robb on Google+