Coffeehouse Thread

9 posts

Windows Explorer security question

Back to Forum: Coffeehouse
  • User profile image
    rjdohnert

    If I am running an alternative shell and not Windows Explorer and Im using a different Filemanger than Windows Explorer, would I still be as vulnerable as users who are running it as their default shell?

  • User profile image
    pacelvi

    rjdohnert wrote:
    If I am running an alternative shell and not Windows Explorer and Im using a different Filemanger than Windows Explorer, would I still be as vulnerable as users who are running it as their default shell?



    Be as vulnerable to what threat?

    Reading between the lines, I think the critical factor would be to run as Limited User and not Admin.  That would protect you from what comes to my mind in the context of shell threats, no matter which shell you run.

  • User profile image
    Cannot​Resolve​Symbol

    rjdohnert wrote:
    If I am running an alternative shell and not Windows Explorer and Im using a different Filemanger than Windows Explorer, would I still be as vulnerable as users who are running it as their default shell?



    Just as long as you actually got rid of explorer you might...  I know Litestep uses (or used to use) Explorer to show desktop icons anyways.

  • User profile image
    rjdohnert

    Pardon me, I was referring to any type of future threat.  Litestep does use Explorer automatically for dispalying the icons but BlackBox doesnt.

    pacelvi wrote:
    rjdohnert wrote:If I am running an alternative shell and not Windows Explorer and Im using a different Filemanger than Windows Explorer, would I still be as vulnerable as users who are running it as their default shell?



    Be as vulnerable to what threat?

    Reading between the lines, I think the critical factor would be to run as Limited User and not Admin.  That would protect you from what comes to my mind in the context of shell threats, no matter which shell you run.

  • User profile image
    PaoloM

    ChrisA wrote:
    ...since you cannot shut down windows explorer...

     Provably false.
    ChrisA wrote:
    ...so yes I think you are still vulnerable to any and all windows attacks.

     Such as? Please feel free to go into details about attacks that exploit Explorer. We'll wait.
    ChrisA wrote:
    why not just switch to Linux where real security is practiced.

    Ahahaha... don't be ridiculous. Did you check secunia for the number of flaws in Windows and Linux? Just for last year? On a OS that runs on less than 1% of desktops?

  • User profile image
    pacelvi

    ChrisA wrote:
    I doubt bb in Windows works like the Linux or UNIX counterpart and it has to use windows explorer for something since you cannot shut down windows explorer so yes I think you are still vulnerable to any and all windows attacks. why not just switch to Linux where real security is practiced.


    You can't shut down explorer? 

    yeah.. you're someone i'm going to take computer advice from. lol.

  • User profile image
    Nidonocu

    I doubt running a different shell provides any difference in terms of security. Running Anti-malware, running with lowest required rights and good practice are the only things that improve your security.
    You can run with no shell (use nothing but TaskManger) and still be unsafe if you run a bad program.

  • User profile image
    prog_dotnet

    when users log on to a windows machine, an access token is made, containing the users permissions and access rights to the system.
    Every process that the user executes will use this token, and hereby run under the particular user security context.

    To minimize risk, log on as an restricted user, and use the secondary logon/run as feature when necessary. ( Right click an exe -->run as )

    Edit: you might find the The Non-Admin blog infomative.

    http://blogs.msdn.com/aaron_margosis/

    there is an article about using RunAs with windows explorer here;
    http://blogs.msdn.com/aaron_margosis/archive/2004/07/07/175488.aspx

  • User profile image
    msemack

    rjdohnert wrote:
    If I am running an alternative shell and not Windows Explorer and Im using a different Filemanger than Windows Explorer, would I still be as vulnerable as users who are running it as their default shell?


    It depends.  Some alternative shells hook into the same libraries of Windows as Explorer.  If a vulnerability is found in one of those libraries, you're just as vulnerable.

    You'd have to look at them on a case-by-case basis.

    Use depends.exe to look at DLL dependencies for Explorer (look at explorer.exe).  Then, compare it to your alternate shell of choice.  If you see any common dependencies, then a vulnerability in one of those DLLs could affect both.

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.