Hi everyone, Sorry for the repeated question but was wondering if anyone has any suggestion to this issue? Yesterday I had joined Windows Server 2003 Security Guide Microsoft webcast and ask about applications such as, Microsoft application (SUS), the software for the webcast (Interwise), and other third party software (Ad-aware) that require users to belong to the Local Administrator Group to obtain full functionality. The mediator explanation was to due to developing of the software and that third-party software companies do not implement security design for their application, but didn't have a work-around for this scenario. This is interesting, isn't it the idea to lock down as much surface space for hackers to attack, but when a software for user requires local admin full control, wouldn't this be a red-flag to raise as a security hole on the network or system? Doesn't this increase the risk if the user were to receive a virus or worm? Then what good are the default Local groups (Power-Users and Users) for at the local system level? Does this go without saying in a development environment as well, since most of their environment needs full access and limited security restrictions to their local system? Does this defeat the purpose of securing the end-users environment? Any suggestions are greatly appreciated Regards, David V. Dellanno - MCSE, MCP+I, MCP MSDEMO Consultants Williams Place 2564 Bridgewood Lane Snellville, Georgia 30078 USA (770) 736-8794 (Office) msdemo.net Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.