I recieved this email from [langalist] Langalist Standard Edition 2004-12-06 Here is the link that was posted in this email reguarding how easily Symantec/Norton Antivirus' ("NAV") script blocking can be defeated. http://www.informationweek.com/story/showArticle.jhtml?articleID=54800003 Langa Letter: Norton Antivirus And The Single-Layer Defense Fallacy Dec. 6, 2004. A simple hack can disable Norton's script blocker. I thought this was an important tip that was posted in this email, for people like myself, who are just learning the in's and out's of security. I'm also new to Windows XP and I am taking a guess, in order to play it safe, that I should not be logging on as administrator. Does anyone have any futher thoughts on this? Langalist article from my email: That response, while not exactly brushing off the demonstration scripts' import, does downplay it; pointing out that the exploit requires at least some level of user complicity: The user must be operating in an account with Administrator rights, and must somehow launch the initial script. Milisic regards this response as inadequate because most users do run with Admin privileges; and--- as we all know from the proliferation of email-borne worms and viruses--- people do click when they shouldn't. Who's right? Well, strictly speaking, Milisic is: The scripting problem seems real. But more generally speaking, there's not much that Symantec-- - or anyone--- can do about misbehavior on the part of users. For example, way too many people don't create a safer, less-privileged account for routine PC use and instead run all the time in a fully privileged, Admin-level account. This is risky, as any compromising of this account puts the entire system at risk. Plus, many users seem to click on every random email attachment they get, even though they know it's very dangerous to do so until and unless you know what's really in the attachment. I'm not ignorant, I just need more learning!

Thanks Tammy!