überhackers, 11
.ult files, 196, 248
Unicode characters in passwords, 142–144
Uninterruptible Power Supply service, 280
Universal distribution group, 96, 97
Universal Plug and Play Device Host service, 280
Update (Microsoft), 65
Upload Manager service, 280
URI handlers, high-risk, 249–250
URI (Uniform Resource Identifier), 353
URL (Universal Resource Locator)
definition of, 353
obscurity attacks using, 355–357
spoofing, 354–357
untrusted web sites, not visiting, 366
URL authorization, IIS, 450
.url files, 202
URL monikers
definition of, 353
malware using, 32
Url.dll file, 353
Urlmon.dll file, 352, 353
URLScan tool, 450–451
usability, affected by security, 53
User Configuration section of group policy, 487
user rights assignment, group policy, 496–502
%UserName% folder, 132
%USERPROFILE% folders, 28
%UserProfile% folders, 28
users. See also LUAs (Limited User Accounts); security principal
built-in, list of, 99–102
education of, failure of, 54
installation of software by, 59
not allowing to make security decisions, 54
not assigning permissions to, 135
permissions of, resulting from multiple groups, 88, 130
preventing execution of files by, 218, 221–224
preventing from logging in as administrators, 329–330, 366
privileges to give to, 58–63, 218–219
training of, 418
unauthorized execution of software by, 8, 54
Users group
computer accounts in, 115
definition of, 112
SID for, 86
Windows trusts and, 117
Users OU, 520
User2sid.exe program, 87, 89
Utility Manager service, 281
.uu files, 202
.uue files, 202