Check or Attack Name: System Operator

A user was found in the System Operator group that is not typically a member of this group. Verify that the user should be a member of this group.

False Positives: If the user is a legitimate member of this group, then this is not a vulnerability.

If the user should not be a member of this group, remove the user from the group.

To remove a user from a group, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Select the user from the list.
3. From the User menu, select Properties to display the User Properties dialog box.
4. Click Group to display the Group Memberships dialog box.
5. From the Member of list, select System Operator and click Remove.
6. Click OK.