Debater» Removing administrator rights means that advanced malware is no longer a problem.

摘要

One of the most effective steps that can be taken to mitigate malware threats is to implement a least-privilege approach. The most dangerous and persistent threats often look to bury themselves deep inside the OS, using rootkits and other kernel-level techniques. It can then cloak itself from security solutions,making detection and removal problematic. In order for malware to infect the kernel, it must run in a privileged context or gain access to a privileged account, such as a local administrator. If a user logs on with an administrator account, malware can then gain access to a privileged context with ease, whereas if admin rights are removed, then it becomes much more difficult. It's no surprise that most of Microsoft's critical vulnerabilities state that users who logon to systems with fewer privileges will be less impacted.