Microsoft’s deeply-ingrained local admin culture

If you go along to the Microsoft Office Developer Center you are currently offered a “Developer Map for the 2007 Microsoft Office System”. It’s described as a poster, but is delivered as an executable. I’m normally suspicious of documents that come as executables, but this is a Microsoft site so I downloaded and ran.

You know what? This thing installs by default into a new folder on the C drive, which means it requires local admin rights. And what does it install? Just a PDF.

Personally I think delivering a PDF as an executable is crazy. Perhaps the author wanted to be sure it wouldn’t open within the browser; a zip would have been fine for this.

You can avoid the admin rights requirement by manually changing the target directory. Few people will do this, because we have learned that changing default directories is often a mistake.

This small incident demonstrates something big, which is the deeply ingrained culture of local admin rights on Windows. I presume that whoever tested this little executable was running as admin, otherwise this unnecessary and annoying requirement would have been spotted and removed.

It chimes with a remark made to me informally at last week’s Tech-Ed, that Microsoft staff running Vista commonly disable UAC (User Account Control), thus removing the most significant security feature in the new Windows.

It is a vicious circle. Microsoft runs with local admin rights, so it issues resources that require local admin rights without even noticing. That means users with lesser permissions or UAC get annoying problems, making them inclined to run with local admin rights as well.

The outcome: Windows stays insecure. Windows botnets proliferate. Malware flourishes.

If Microsoft is serious about security (which I believe it is, in some quarters), it must get its own house in order. For the vast majority of computer users, including developers, running as local admin should not be necessary. That means a change of culture and will be hard to achieve; but if Microsoft itself does not make the effort, the world at large has no chance.
