Restricted User Security Issues when Using Microsoft Programs (149978)


The information in this article applies to:

  • Microsoft Bookshelf '95 for Windows 95
  • Microsoft Bookshelf 1996-97 for Windows
  • Microsoft Cinemania for Windows 1996 edition
  • Microsoft Cinemania for Windows 1997 edition
  • Microsoft Complete Gardening for Windows 1.0
  • Microsoft Complete NBA Basketball for Windows, 1994-1995, 1995-1996 editions
  • Microsoft Encarta 96 Encyclopedia for Windows
  • Microsoft Encarta 95 The Complete Interactive Multimedia Encyclopedia for Macintosh
  • Microsoft Encarta 96 World Atlas for Windows
  • Microsoft Music Central for Windows, 1996, 1997 edition
  • Microsoft Reader's Digest Complete Do-It-Yourself Guide for Windows 1.0
  • Microsoft Works for Windows 95, version 4.0
  • Microsoft Encarta 97 Encyclopedia for Windows
  • Microsoft Encarta Encyclopedia 97 Deluxe for Windows
This article was previously published under Q149978

SUMMARY

The Microsoft programs listed at the top of this article provide the user with command lines to run executable files. If your system is configured to place security restrictions on running certain programs, this could potentially provide the user with a way to bypass your restrictions.

The command line access is an integral part of these programs and cannot be disabled.

MORE INFORMATION

You can configure a computer system to prevent users from accessing executable programs. For example, you can disable the Run command in Explorer and restrict access to Files and Folders so users can not locate programs and execute them. However, you should be aware that many programs, including the programs listed at the top of this article, provide command lines for running programs.

For example, in Microsoft Works 4.0, the user can access Microsoft System Information 2.5 (Msinfo32) through the Help menu. MSINFO32 has a Run command on the File menu. This lets users enter program names and run them, or browse available drives to find executable programs. MSINFO32 is available in many of Microsoft's programs marked with the Designed for Windows 95 logo.

In addition to a Run command, some programs have other methods to access executable files. Encarta, for example, uses a keyboard shortcut, CTRL+W, to activate a word processor. Encarta can be configured to activate any executable program when using CTRL+W.

If you provide users with the rights to run these programs, you should consider how this might affect your system security plans.

The command line access is an integral part of these programs and cannot be disabled.

Accessing Msinfo32

To access Msinfo32, do the following:

  1. Start the Microsoft program.
  2. On the Help menu, click About <product name>, where product name is the Microsoft program you started in Step 1.
  3. Click the System Info... button.
Modification Type:MajorLast Reviewed:6/24/2004
Keywords:KB149978
©2004 Microsoft Corporation. All rights reserved.