[THIN] Re: GPO spyware and unwanted Programs from IE
- From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Thu, 27 Jan 2005 15:56:14 -0000
I've not known ActiveX to not require adding stuff to HKCR as well as
some system folders, so as long as users aren't running with elevated
rights and the server's local drives aren't unprotected then ActiveX
shouldn't be a problem.
Having to make it work, especially with mandatory profiles can be more
of a challenge! ;-)
Neil
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeremy Saunders
> Sent: 26 January 2005 17:14
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: GPO spyware and unwanted Programs from IE
>
> I thought only Power Users, Domain Admins and Administrators
> could install ActiveX apps.
>
> Lock down your file system and registry, but I have found
> that the file system is critical for this stuff. For example,
> Authenticated Users should only have Read access to the
> Program Files folder, etc. If a user has write access, then
> they have the ability to install spyware.
>
> "Jim Kenzig
>
> Kenzig.com"
>
> <jkenzig@xxxxxxxx
> To
> m> thin@xxxxxxxxxxxxx
>
> Sent by:
> cc
> thin-bounce@freel
>
> ists.org
> Subject
> [THIN] Re: GPO spyware
> and unwanted
> Programs from IE
>
> 27/01/2005 01:03
>
> AM
>
> Please respond to
>
> thin
>
> ActiveX?
>
> Joanne Determann <joanne.determann@xxxxxxxxx> wrote:
> I have 3 Citrix internet Kiosks. And it looks like my GPO
> is not doing the job prohibiting programs being installed
> through IE and blocking search engine hijackers etc... I found
> a Online Poker game installed on the MF server.
>
> Any clue where my hole is?
*****************************************************************************
This e-mail and its attachments are confidential and are intended for the above
named recipient only. If this has come to you in error, please notify the
sender immediately and delete this e-mail from your system. You must take no
action based on this, nor must you copy or disclose it or any part of its
contents to any person or organisation. Statements and opinions contained in
this email may not necessarily represent those of Littlewoods. Please note that
e-mail communications may be monitored. The registered office of Littlewoods
Limited and it's subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB.
Registered number of Littlewoods Limited is 262152.
*****************************************************************************
This message has been scanned for viruses by BlackSpider MailControl -
www.blackspider.com
********************************************************
This Weeks Sponsor: ThinPrint, GmbH
Now available: .print Remote Desktop Printing Engine
for Microsoft Terminal Services
http://www.thinprint.com/dotprint/index.php?sh2&lc=1
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Excellent SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
