COMMAND

    System Policies

SYSTEMS AFFECTED

    WinNT

PROBLEM

    Adam Simms found  following.  He  has disabled the  File Menu drop
    down in my System  Policies, and then found  that by opening up  a
    application via OLE,  one could again  have the ability  to access
    the File Drop  down menu.   This occurs on  both NT 4.0  and NT TS
    4.0.

    So, after disabling  the File Drop  Down with NT  System Policies,
    Adam found that by opening up a application via OLE, i.e. Winword,
    he again had the ability to access the File Drop down menu.   Once
    he did  this, he  was able  to write  a macro  into his Word *.doc
    file,  and  execute  any  command.   He  was able to gain registry
    access as well  as access User  Manager and Domain  Administration
    access.  The user that was logged on had User Only Rights.

SOLUTION

    Nothing yet.