Main Menu
» Home
» News
» Forums
» Articles
» Files
» Blogs
» Chat
» Search
» Register
» User CP
» Screenshots
» Disclaimer
» Submit News
» News Archive
» Contact Us
Follow Us
» Facebook
» Twitter
» Newsletter
» RSS Feed

Windows 7 UAC Leaves Door Open for Attacks
Posted by Regeneration on February 2nd, 2009, 02:48 PM

When Windows Vista was launched, it brought to the table a new feature that was supposed to safeguard the user: the User Account Control (UAC). However, the useful feature, which could be disabled, became the source of a great deal of the OS's early criticism due its warning messages which some users found irritating.

With Windows 7, Microsoft decided to switch gears and is offering a less nosey UAC in the beta version of the OS. This move was the subject to much early praise. However, it may have now backfired as a blogger Long Zheng, who runs the blog Start Something, has detailed a proof-of-concept attack against the new Windows 7 UAC.

Mr. Zheng says the attack is a vindication of Windows Vista, and evidence that the new Windows 7 approach, while more pleasing to some, is inherently insecure. He states, "This is dedicated to every ignorant ‘tech journalist’ who cried wolf about UAC in Windows Vista. A change to User Account Control (UAC) in Windows 7 (beta) to make it ‘less annoying’ inadvertently clears the path for a simple but ingenious override that renders UAC disabled without user interaction. For the security conscious, a workaround is also provided at the end. First and foremost, I want to clear up two things."

You can read the entire article at DailyTech.

3 Comments
Posted by Chaos on February 2nd, 2009, 06:39 PM
thats nasty
Quote
Posted by PrEzi on February 2nd, 2009, 07:35 PM
I think that the only thing MS should include to shut those 'open doors/back doors' - cryers would be to include an elevated prompt when any of the UAC settings is changed.
BANG! - problem solved.
Quote
Posted by squall_leonhart on February 9th, 2009, 08:58 AM
Oh PULEEEZE

UAC was a complete Failure, Even with it enabled, computers could be entirely wiped out with a user level virus.
Quote

 

Quick Reply
Message:
Your Username: Click here to log in

Options
 





eXTReMe Tracker

Copyright © NGOHQ.com - All rights reserved
Reproduction in whole or in part in any form or medium
without written permission of the site's owners is prohibited.
Powered by vBadvanced and vBulletin from Jelsoft
Copyright © 2000-2007 Jelsoft Enterprises Limited
Search Engine Friendly URLs by vBSEO 3.3.2

Contact Us - Archive - NGOHQ.com - NGOHQ.org - NGOHQ.net - Disclaimer - Top