The SysInternals tools are now on

The SysInternals tools — including Process Explorer, Regmon, Filemon, and many more — are now available here on  A couple of major highlights include Process Monitor, a new tool that supersedes Regmon and Filemon, and the SysInternals Suite, which combines the whole set of SysInternals tools into a single download package. In addition, check out Mark’s new…


MSDN webcast: LUA Buglight

I’ll be presenting an MSDN webcast and demoing LUA Buglight next Tuesday, October 17, 2006, 11:00am US Pacific time. Click here for more information and to register.  Make sure to install the Microsoft LiveMeeting client prior to showtime. [Update, 18 Oct 2006]  The webcast is now available for on-demand viewing here.


LUA Buglight public [pre]-release

LUA Buglight™ is a tool I’ve been working on that is designed to help both developers and IT Pros (sysadmins) identify the specific causes of “LUA bugs” in desktop applications running on Windows XP, Windows Server 2003, or Windows Vista.  Once the specific causes have been identified, the bugs can more easily be resolved by…


"Problems of Privilege: Find and Fix LUA Bugs" in TechNet Magazine

My ramblings have now been published in a more reputable venue than  Pick up the August 2006 issue of TechNet Magazine, or see it here on the web: Problems of Privilege: Find and Fix LUA Bugs BTW, in the US you can subscribe to TechNet Magazine for free:    


Changing access control on folders vs. files

This post is the fourth installment in the “Fixing LUA Bugs” series.  Before reading this, you should read: What is a “LUA Bug”?  (And what isn’t a LUA Bug?) Fixing “LUA bugs”, Part I Fixing “LUA bugs”, Part II A fairly common LUA bug scenario is the application that creates and modifies files in the same…


Anti-virus vs. Non-Admin

This may be controversial, but I truly believe it and I’ll say it: With today’s threat landscape and the way malware works today, you are better off running as non-admin WITHOUT anti-virus than you are running as admin WITH anti-virus. If your anti-virus/anti-spyware/anti-malware software requires that you run as administrator in order to protect you,…


Smartcards and other 2-factor authentication

Steve Riley is trying to get a good body of customer experience with various forms of two-factor authentication.  Please check out his post and comment on it at the following link:  What do YOU need out of two-factor authentication? Thanks!  


Fixing "LUA Bugs", Part II

Fixing “LUA bugs”, Part II If (and only if) items #1 through #3 (a, b and c) from Fixing LUA bugs, Part I don’t allow your apps to work as normal user, then – and only then – move on to items #4 and #5, which are described in this article, along with their respective…


Fixing "LUA bugs", Part I

You have an application that you – or your users – need to run.  It’s a normal app – it isn’t designed to perform system administration of your computer, but for some reason, it doesn’t work correctly unless it’s run from an account that has administrator-level access (see “What is a “LUA Bug”? (And what…


What is a "LUA Bug"? (And what isn’t a LUA bug?)

First, what is “LUA”? “LUA” is an acronym that variously refers to “Limited User Account”, “Least-privileged User Account”, “Least User Access”, and probably several other clumsy phrases that ultimately indicate a computer user account that cannot make changes that affect other users of the system or the operating system itself.  In Windows, these are typically…