Posts Tagged ‘The Power with Power Users’
2003 server - Tuesday, March 4, 2008 5:28 - 0 Comments
The Power with Power Users
The power users group is often misused and can lead to the compromise of a system. Here is why this can happen.
The power users group is often used without knowledge of how much actual power it gives a user. With Power User privileges a person can modify certain computer-wide settings, create user accounts, install device drivers (signed or unsigned), and install uncertified programs.
These privileges are more than enough for a member of this group to be able to install a malicious file onto the system so that an administrator of the machine could execute it and completely compromise the system.
This being the case, unless you have a specific reason for a group of users to be members of the power users group then they should probably be in the users group. If you must have them in the power users group then a good idea is to use group policy to further enhance the security of those machines being accessed.
Article written by MyComputerAid.com