U

überhackers, 11

.ult files, 196, 248

Unicode characters in passwords, 142–144

Uninterruptible Power Supply service, 280

Universal distribution group, 96, 97

Universal Plug and Play Device Host service, 280

Update (Microsoft), 65

Upload Manager service, 280

URI handlers, high-risk, 249–250

URI (Uniform Resource Identifier), 353

URL (Universal Resource Locator)

definition of, 353

obscurity attacks using, 355–357

spoofing, 354–357

untrusted web sites, not visiting, 366

URL authorization, IIS, 450

.url files, 202

URL monikers

definition of, 353

malware using, 32

Url.dll file, 353

Urlmon.dll file, 352, 353

URLScan tool, 450–451

usability, affected by security, 53

User Configuration section of group policy, 487

user rights assignment, group policy, 496–502

%UserName% folder, 132

%USERPROFILE% folders, 28

%UserProfile% folders, 28

users. See also LUAs (Limited User Accounts); security principal

built-in, list of, 99–102

education of, failure of, 54

installation of software by, 59

not allowing to make security decisions, 54

not assigning permissions to, 135

permissions of, resulting from multiple groups, 88, 130

preventing execution of files by, 218, 221–224

preventing from logging in as administrators, 329–330, 366

privileges to give to, 58–63, 218–219

training of, 418

unauthorized execution of software by, 8, 54

Users group

computer accounts in, 115

definition of, 112

SID for, 86

Windows trusts and, 117

Users OU, 520

User2sid.exe program, 87, 89

Utility Manager service, 281

.uu files, 202

.uue files, 202