Re: Symantec LiveUpdate and User Rights on Win2000

[Matt Burnett <marukka () mac com>]

Couldn't you give users the appropriate permissions to the files/reg  
keys that are modded/added? To find out goto www.sysinternals.com and  
download filemon.exe and regmon.exe.

On May 26, 2005, at 2:12 PM, Bundschuh, Anthony D wrote:

> You can add the users to the power users group.  Power users can  
> install
> virus definitions.
>
> -----Original Message-----
> From: Joe George [mailto:j.george () conservation org]
> Sent: Tuesday, May 24, 2005 9:56 AM
> To: security-basics () securityfocus com
> Subject: FW: Symantec LiveUpdate and User Rights on Win2000
>
> Greetings all,
>
> We are currently in the process of removing Administrative rights  
> from end
> users.  As you may already know, when someone logs in with only  
> User rights,
> they are no longer able to install AV definitions through the  
> LiveUpdate
> feature.  This is one of the most crucial things we'd like our  
> clients to be
> able to access in case they are on travel or working remotely.  A
> Trojan/virus has less of a chance of being initialized under user  
> rights,
> but it is important that the user be able to maintain the  
> definitions if
> needed.  Is there a tweak out there?
>
> Thanks in advance.
>
> Best Regards,
>
> Joe George
> IT Analyst
> Conservation International