Testing with Viruses - 2006
To test the effectiveness of a non-privileged account in blocking viruses and
trojans,
these viruses
were downloaded to a local folder, and then double-clicked.
In every case, the virus would not run, due to an access violation. No antivirus program was running. For
example:
An antivirus scan after the test found no infections, apart from the original copy.
a non-privileged account is an effective defence against most common viruses, including
new (so-called "zero day") viruses, found nowadays (2006).
A similar test performed by
eWeek Magazine in 2005 showed similar results - virus fragments
were found only in the browser cache.
Does that mean I needn't worry about viruses anymore ?
Unfortunately, no.
- You can still be "talked into" running a virus or trojan as an administrator. It may be presented
as a critical software update, or a special movie player.
- Many new viruses will run in user mode. They will still infect your files, send email or instant
messages, and cause trouble. But they will not be able to infect system files, or other users, and may
not survive a reboot. They won't need a system rebuild to remove.
- Other new viruses will exploit vulnerabilities in the operating system, which let them
run with administrator privilege. But to be successful, they need "two errors" - both a vulnerability and a way
into the system, for example you to download them.
So it's still important to keep your system updated, and to use an antivirus program - many are free for
personal use. But
less so than if you run as administrator.