Nigel Watling, one of my fellow evangelists who works out of Redmond, and who got the nod to present my session on least privilege for developers at Tech-Ed EMEA, has posted a good entry on least privilege on his blog. My favorite bit is the following:
The idea of least privilege is to limit the damage done by accident, error or attack. It’s quite simple: the more privileges a process has the more havoc it can wreak on your machine.
During Mark Russinovich’s entertaining and insightful malware talk at TechEd EMEA he admitted to accidentally downloading some spyware (which proved remarkably obstinate to remove). When Mark asked the audience who personally had been infected by malware, almost the entire room (~700 people) raised their hand. I have to admit I was surprised. If someone as smart as Mark Russinovich gets infected then what hope is there for the rest of us? The numbers in the room provided ample evidence: not a lot!
It's a point worth considering...Mark is one of the foremost experts on malware out there. If he can get nailed, so can you...so I hope you'll give least privilege some thought.