This is one that I have been thinking about for a while. One of my students in a server 2008 class pointed me to an article that corrected my train of thought. The question is, why is the Everyone group granted access when a share is created? Remember, I’ve been an MCSE since Windows NT4. At that time, the Everyone group included all authenticated users, and those who were on the network anonymously. I found this to be a security vulnerability so I have been advising students to remove this and use the Authenticated Users group instead for general share access for your entire domain. (Caution, it you have a trust relationship set up with another organization, they are also a member of the Authenticated Users group.) This article from Microsoft explains that the anonymous users have been removed from the Everyone group. This change happened in Windows 2003/XP.