Aaaaand, we’re back

I’ll be making lots of updates to the nonadmin wiki this week. Yesterday it was three months’ worth of press articles about running as a non-administrator, and today it’s two webcasts and two whitepapers for the other resources page*. This is also a way of tricking myself into breaking a month-long backlog of blog topics….


More press coverage of NOT running as an administrator

Ryan Naraine has written a nice article for eWeek about non-admin security in XP. He notes that Microsoft will be promoting Least-privileged User Accounts heavily in Longhorn, but that you can enjoy their added security right now – if you know where to look in Windows! The article includes commentary from security guru Michael Howard…


Great things are afoot over at Channel 9

Another vital resource has sprung up fully-formed on Channel 9 – the Patterns and Practices Security Wiki (yes, this is yet another Microsoft wiki). Whether you need to deploy a secure ASP.NET 2.0 application right now, or just have a vague wish to learn some better secure coding practices, bookmark the site. Here’s why: The…

Lots of LUA links

[I originally posted this two weeks ago, but it got lost when they had to roll back the servers, and it doesn’t look like the original is coming back anytime soon] I’ve added a bunch of new links to the non-admin wiki, taken from various blog posts over the past month. Thanks to one and…

Refresh build of Microsoft Windows AntiSpyware beta

Microsoft’s antispyware team made version 1.0.509 available for download a couple of hours ago. You can use Help > About to see what you’re currently running, but unless you’re another Microsoftie with the latest internal bits, you probably don’t have this one yet 🙂 The only time I notice I’m running it is when it…


How to run as a non-administrator – announcing a new community site

I’ve set up a new community web site at It’s a place where anyone can share their experiences with running as a non-administrator in Windows – the good (tips, tools, and help for using a limited-user account), the bad (programs that won’t even install, let alone run, unless you’re administrator), and the ugly (workarounds…


Reporting false positives from Microsoft Windows Antispyware

One thing I forgot to mention in my previous post is what to do when the Microsoft anti-spyware tool incorrectly reports something as being adware or spyware. If you’re just trying to get on with your work, and you’re certain that the file really is innocent, you can tell the tool to always ignore it….


Microsoft anti-virus software to complement today’s beta of an anti-spyware tool

[Update for people finding this post through web searches: the anti-virus tool has been released as the Microsoft Windows Malicious Software Removal Tool (KB890830). You can use that link to download it directly, but really you should be using Windows Update so that you get an automatic update to the tool every month!] In case…