Non-admin startup folder not protected (V3.12.111745.560 X32)

Environment: Win XP Pro SP3, X32, no other security software running
CIS: V3.9.95478.509 X32, fresh install (not upgraded), Proactive Security

My Protected Files includes by default the group called Startup Folders.
At CIS installation, Startup Folders includes:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup*
C:\Documents and Settings[i]admin_user_name[/i]\Start Menu\Programs\Startup*

However, the similar folder with each of the other user names, such a limited users, is not included and not protected.
Few users will notice the missing folder and add it manually.

Edit: update subject

This bug applies to all user specific path rules. Only the path for the installer is added. It would be better to users c:\users*\whatever to include all users (or the XP equivalent).

I tested on V3.9.95478.509 by using an application to write to a user-specific protected folder, and I confirm that tcarrbrion’s solution works.

File Groups containing user-specific paths include Startup Folders and Temporary Files.

My thanks to tcarrbrion for detailing a CIS security hole and work-around of which I was not aware.

I retested on a fresh install of CIS 3.12.111745.560, and the bug still exists.