EES/EEA Security breach

[Ivart Filho 0]

Hi all, in my tests with v6 I´ve identified two security breaches, first with password protecting client settings user can stop protection any time without entering password and second ondemand scan sent by Remote Administrato client task can be stopped by the user. In version 5 it´s not possible.

[Marcos 5,070]

Users with administrator rights can do that. This is intentional and by design, however, we will change this behavior in the next service build. It's important that you don't use admin accounts unless necessary, otherwise potential malware running with administrator rights might do much more damage than under standard user accounts.

[Ivart Filho 0]

Some clients need to use administrative accounts on windows because legacy apps doesn´t work with standard accounts.