Can a batch file with the command “command” or “CMD” launch a command prompt even if it is blocked by GPO?
A question about a vulnerability came up in class on how to stop users from opening a command prompt. The method used was to create a batch file with the command command.com in it. After following the procedure to prevent the RUN command from working (Click Here for this article), the batch file with COMMAND.COM in it will not execute. I was still able to run a batch file with NET USE and successfully mapped a drive. This indicated that logon scripts should still run OK. Test thoroughly before using.