
Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"

Successful client-side exploits targeting that Internet Explorer or Outlook
session also would run with administrative privileges. This gives all the same rights as an
attack against a system level service—administrators can install rootkits and key loggers,
install and start services, access LSA secrets. With these rights, the attack also covers its
tracks in the event log. If victims log on as an administrator, they are vulnerable to
potential "browse-and-you're-owned" exploits.

NOTE Windows Vista introduced several new features to help client-side
applications not run with full administrative privileges. Internet Explorer
Protected Mode and Vista's User Access Control are useful defense-in-depth
features to help users run at a lower privilege level. For more detail on how to
run at a lower privilege level on down-level Windows platforms, see the
"Run Internet-Facing Applications with Reduced Privileges" section later in this chapter.

Client-Side Vulnerabilities Can Easily Target Specific People or Organizations

For attackers earning 20 cents per adware install, it doesn't matter who is targeted by the
attack—they earn the same 20 cents regardless of the victim. However, some attackers
are interested in targeting specific victims or victims belonging to a specific group, company,
or organization.

