More problems with Windows 7 default UAC setting

M

Mithent

[H]ard|Gawd
Joined
Dec 19, 2007
Messages
1,616
After the previous UAC security issue in Windows 7, here's another exploit which allows an unprivileged program to perform arbitrary privileged operations without prompting:

My proof-of-concept program is a standalone executable that is run as a normal unelevated process. [..]

The proof-of-concept works by directly copying (or injecting) part of its own code into the memory of another running processes and then telling that target process to run the code. This is done using standard, non-privileged APIs such as WriteProcessMemory and CreateRemoteThread.

If the target process is on [a list of Microsoft executables which can silently launch elevated COM objects] then our process gains the ability to create and control elevated COM objects from [a list of Microsoft COM objects] without triggering a UAC prompt or giving any indication to the user (under default Windows 7 beta settings).
Click to expand...
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html

Microsoft would no doubt say the same as before, that UAC is not a security boundary - and that is true. However, it goes to show again that the default compromised setting in 7 is much less secure than Vista's default, and the problems caused by having a whitelist.
 
I like what they did with Win7, but they need to stop listening to the whiners regarding UAC. UAC is not that bad once you have everything installed and set up the way you like. Those wishing to turn it off can with little more than a google search. When Win7 ships I hope UAC is back up to Vista's default level.
 
UAC, by default, needs to be 100% ON!!!!

If users want to cripple the security on their systems, it needs to be a conscious effort to do so.
 
Mithent said:
After the previous UAC security issue in Windows 7, here's another exploit which allows an unprivileged program to perform arbitrary privileged operations without prompting:


http://www.pretentiousname.com/misc/win7_uac_whitelist2.html

Microsoft would no doubt say the same as before, that UAC is not a security boundary - and that is true. However, it goes to show again that the default compromised setting in 7 is much less secure than Vista's default, and the problems caused by having a whitelist.
Click to expand...

And MS has already apologized and they are correcting the "issue" so this is old news and that person is just trying to spread more FUD.

TechieSooner said:
UAC, by default, needs to be 100% ON!!!!

If users want to cripple the security on their systems, it needs to be a conscious effort to do so.
Click to expand...

I agree with that. Have already submitted feedback to them stating as much as has all my friends that are using Windows 7. UAC should be maxed out. If users want to weaken their security that should be their decision.
 
You must log in or register to reply here.
Back
Top