Tuesday, November 13, 2012 9:14 PM
There are vulnerabilities that exploit the Briefcase on all Windows editions released in November 2012. I would like to Disable/Remove this option from all users on my Remote Desktops Services (Terminal Servers) servers, users do not need this option anyways. Is there any way to do this?
Right mouse click on the desktop > New > Briefcase.
Tuesday, November 13, 2012 10:13 PMModerator
There are other briefcase-related registry keys that you may consider removing as well. Some examples:
You may want to only remove HKCR\Briefcase so that you minimize the amount of non-standard changes you are making to your server.
The above will not completely remove Briefcase, so there may be another way for a user to start it. You may consider setting NTFS permisisions for syncui.dll (both in system32 and syswow64) to Deny for regular users. One thing to keep in mind when setting permissions is that syncui.dll may need to be updated in the future, for example, because of a service pack or update. I believe this requires that TrustedInstaller has the ability to read/write the file.
- Marked As Answer by dkgcb Wednesday, November 14, 2012 2:46 PM