Securing the Start Menu

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Found a flaw in security at a school I was at today that I thought I'd share. (Yes it was the same school that I've had all of the other problems at!)

Basically the Students all have a mandatory profile that they access, they also have a redirected Start Menu that is redirected to a share on the server.

What we discovered today is that if users double click on a program folder on that folder they open up a windows explorer window that allows them to browse up through the server structure, and ultimately the network, which for those of you who work in a school will know that this is a big no no.

After a lot of googling it seems that the easiest fix for this is to add a registry key that stops the explorer windows from openning. The registry key is as follows:

REGEDIT4

[HKEY_CLASSES_ROOT\Directory\shell\open]

[HKEY_CLASSES_ROOT\Directory\shell\open\command]
@="c:\\Windows\\system32\\net.exe"

You need to add the above to a .reg file and then you can either simply double click and add it to the registry manually, or, if like this school you have 650 workstations add it to a startup script batch file GPO.