istartedsomething


This is dedicated to every ignorant “tech journalist” who cried wolf about UAC in Windows Vista. A change to User Account Control (UAC) in the Windows 7 beta, intended to make it “less annoying”, inadvertently clears the path for a simple but ingenious override that disables UAC without any user interaction. For the security conscious, a workaround is also provided at the end. First and foremost, I want to clear up two things.

First, I was originally going to blackmail Microsoft for a large ransom for the details of this flaw, but in these uncertain economic times, their ransom fund has probably been cut back so I’m just going to share this for free.

Secondly, the reason I’m blogging about this flaw is not because of its security implications – it is blatantly simple to fix – but because of Microsoft’s apparent indifference towards the matter on their official Windows 7 beta feedback channel, where they have marked the issue as “by design” and hinted it won’t be fixed in the retail version. A security-minded ‘whistleblower’ came forth to ask me if I could publicize this issue to maybe persuade them to change their mind. And that’s what I’m doing.

Now for a bit of background information on the changes to UAC in Windows 7. By default, Windows 7’s UAC setting is set to “Notify me only when programs try to make changes to my computer” and “Don’t notify me when I make changes to Windows settings”. How it distinguishes between a (third party) program and Windows settings is with a security certificate. The applications/applets which manage Windows settings are signed with a special Microsoft Windows 7 certificate. As such, control panel items are signed with this certificate so they don’t prompt UAC if you change any system settings.

The Achilles’ heel of this system is that changing UAC is itself considered a “change to Windows settings”, which, coupled with the new default UAC security level, means you will not be prompted when it is changed. Not even to disable UAC entirely.

Of course, it’s not a security vulnerability if you have to coerce the user into disabling UAC themselves (although sweet candy is exceptionally persuasive), so I had to think “bad thoughts” to come up with a way to disable UAC without the user’s interaction. The solution was trivial: you can complete the whole process with just keyboard shortcuts, so why not make an application that emulates that sequence of keyboard inputs?

With the help of my developer side-kick Rafael Rivera, we came up with a fully functional proof-of-concept in VBScript (it would be just as easy as a C++ EXE) to do exactly that – emulate a few keyboard inputs – without prompting UAC. You can download and try it out for yourself here, but bear in mind it actually does disable UAC.

We soon realized the implications are even worse than originally thought. You could automate a restart after UAC has been changed, add a program to the user’s startup folder and, because UAC is now off, have it run with full administrative privileges, ready to wreak havoc.

This is the part where one would usually demand a large sum of money, but since I’m feeling generous: there is a simple fix to this problem that Microsoft can implement without sacrificing any of the benefits of the new UAC model, and that is to force a UAC prompt in Secure Desktop mode whenever the UAC setting is changed, regardless of its current state. This is not a fool-proof solution (users can still inadvertently click “yes”), but it is a simple one I would encourage Microsoft to implement, seeing how they’re on a tight deadline to ship.

Having UAC on at the default policy as it is currently implemented in Windows 7 is as good as not having it on at all.

Until Microsoft decides to fix this, if they do at all, beta users of Windows 7 can also apply a simple fix. Changing the UAC policy to “Always Notify” will force Windows 7 to notify you even if the UAC settings change. Annoying, but safe.

Update: I must credit Aubrey from WindowsConnected.com for also touching on this issue briefly today.

Update 2: Microsoft has officially responded to my concerns and continues to insist the functionality is “by design”, dismisses the security concerns and again leans towards not addressing the issue for the final release of Windows 7.

Update 3: A reader has kindly asked me to highlight a particular condition for this to work: the user must be in the “Administrators” user group, and not in the “Standard” user group, where they will be prompted for an administrative password. In defense of the seriousness of the issue, the Vista and Windows 7 default user group is “Administrators” and I’m sure that’s what most home users are running.

Update 4: Microsoft’s Jon DeVaan has posted a response on the official Windows 7 blog with an extensive look at the UAC system in Windows 7 and their decision on the default security policy. In conclusion, they continue to stand by their decision and do not indicate they will change the default UAC policy.
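A defender-side audit of the “Always Notify” workaround above and of the precondition in Update 3 (the logged-on user being an Administrators group member), added here as an example; it is not part of the original post or of the proof-of-concept. It assumes the UAC policy values under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System (EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop) and the slider-to-value mapping noted in the comments; the function names are the editor’s.

```powershell
# Added example: check whether this machine is on the "Always notify" UAC level, i.e. whether
# a change to the UAC setting itself will be stopped by a prompt on the secure desktop.
# Assumed mapping of the slider to the policy values (from the documented UAC policy values):
#   Always notify            : ConsentPromptBehaviorAdmin = 2, PromptOnSecureDesktop = 1
#   Windows 7 default        : ConsentPromptBehaviorAdmin = 5, PromptOnSecureDesktop = 1
#   Never notify / UAC off   : ConsentPromptBehaviorAdmin = 0 (EnableLUA = 0 when fully disabled)
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacPolicy {
    # Reads the three values that back the UAC slider; missing values are treated as 0.
    $p = Get-ItemProperty -Path $uacKey
    [pscustomobject]@{
        EnableLUA                  = [int]$p.EnableLUA
        ConsentPromptBehaviorAdmin = [int]$p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = [int]$p.PromptOnSecureDesktop
    }
}

function Test-UacAlwaysNotify {
    param([Parameter(Mandatory)]$Policy)
    # UAC on, every elevation (including the UAC applet) prompts for consent,
    # and the prompt sits on the secure desktop where other processes cannot send it input.
    ($Policy.EnableLUA -eq 1) -and
    ($Policy.ConsentPromptBehaviorAdmin -eq 2) -and
    ($Policy.PromptOnSecureDesktop -eq 1)
}

function Test-CurrentUserIsAdminGroupMember {
    # Update 3's precondition. S-1-5-32-544 is the well-known SID of BUILTIN\Administrators.
    # Editor's understanding: a non-elevated admin session still carries this SID in its split
    # token (marked deny-only), so this reports group membership, not current elevation.
    $identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $adminSid = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544')
    $identity.Groups.Contains($adminSid)
}

function Set-UacAlwaysNotify {
    # Hardening step from the post's workaround. Writing under Policies\System needs an
    # elevated shell; restart afterwards so the new level is in effect everywhere.
    Set-ItemProperty -Path $uacKey -Name EnableLUA                  -Value 1 -Type DWord
    Set-ItemProperty -Path $uacKey -Name ConsentPromptBehaviorAdmin -Value 2 -Type DWord
    Set-ItemProperty -Path $uacKey -Name PromptOnSecureDesktop      -Value 1 -Type DWord
}

$policy = Get-UacPolicy
$policy | Format-List

if (Test-UacAlwaysNotify -Policy $policy) {
    Write-Output 'UAC is at "Always notify": changing the UAC setting will prompt on the secure desktop.'
}
elseif (Test-CurrentUserIsAdminGroupMember) {
    Write-Warning 'UAC is below "Always notify" and this account is an Administrators member: the UAC setting can be changed without a prompt. Run Set-UacAlwaysNotify from an elevated shell.'
}
else {
    Write-Output 'UAC is below "Always notify", but this is a standard user account, so the UAC applet will ask for administrative credentials.'
}
```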


90 Comments

  1. Eric Rodewald

    Scary. I can’t imagine that they would ignore this flaw unless there is more to the story we aren’t hearing. This sort of compromise in a released product would be discovered on a Monday and fixed on Patch Tuesday.

  2. JT

    On their lowest 3 settings, the UAC prompts aren’t a security boundary at all. If explorer.exe can silently elevate to write a shortcut into the allusers startup directory, you can call the same COM object and do the same work from your own app. *shrug*.

  3. Albert

    I’ve always been a lone advocate for UAC. Mainly because it protects “average” users…and there are a lot more of them than us. However, it will be very difficult for Microsoft to address this issue. It needs to somehow please all of those people at the top (who find UAC annoying and have the power to publicize their opinions to the point it determines the realities of “average” people) and keep end-users safe, so Windows itself can be more secure. Like Long said, “Annoying, but safe.”

  4. Taimur Asad

    i now hear a wo-wo coming from Microsoft.

  5. Thor Marius K.H

Wouldn’t a potential fix be to disallow any application from interacting with the signed programs? Forcing human interaction?

  6. Long Zheng

@Thor Marius K.H: That would fix it, but then it has the potential to break application compatibility if they relied on this capability. Also, they already have a solution called “Secure Desktop”, where it dims your screen, but it’s off because UAC never prompts you.

  7. Afizz

That UAC icon sure is scary. I like Vista’s UAC icon more than Windows 7’s.

  8. Long Zheng

    @Afizz: I hope you realize the “break” was intentionally edited by myself, and is not the default icon in Windows 7 :)

  9. Mark

Isn’t releasing this information and code irresponsible?

  10. Cullen D

    @Mark
    I’m guessing that if someone has the skill to write a virus in a high level language, they would be able to do something as simple as VB, as well figure out the flaw.

  11. Long Zheng

@Mark: People have already tried to get Microsoft to fix this via non-public means, but that hasn’t worked for them, which is why they’ve come looking for support. The way I see it, it would be irresponsible of me to know about this and not get it changed before it’s final.

  12. Fowl

    I thought this when I first heard about the UAC changes in 7, but I’d always assumed that Microsoft knew what they were doing… I trusted them, they were very specific about how UAC in Vista was done the way it was to avoid this sort of thing – so it seemed logical to me that they had found some workaround and it was still secure. Apparently not.

    Humph. ;(

  13. Albert

    @Afizz: I don’t know…they’re sporting my school’s colors :D

  14. Sven

    Long, thanks for publishing this.

    I’m one of the people who has bugged this issue on the Connect website. My bug received nearly fifty validations, and at over forty votes had an average rating of 4.9 out of 5. The bug was the highest rated bug on the Windows 7 Connect website.

    Then Microsoft, much to my astonishment, closed it as “by design”. Hopefully drawing some more attention to this issue will achieve some results.

  15. Don

    If memory serves Vista used to be more like that before it became final, but then accessibility software vendors complained that it would stop their products from working. The solution used was that the accessibility software would then run in a higher integrity level which was even able to control dialog boxes such as the UAC prompts.

    The rule for allowing a program to affect another program is that it can do so if it has the same integrity level or higher. So I can see why this has been labeled “by design”.

  16. Christian

    Interesting find Long. Thanks for posting this.

  17. Fowl

    @Michael Teper: The whole point is that a program that doesn’t have admin rights, can get them without user interaction/consent.

  18. Don

    OK, so after looking into this it’s not done how I thought it would be done. The problem I see is that the window where you can change the UAC setting is owned by “explorer.exe” which runs with medium integrity. This is why the VB script is able to inject keyboard events into that window.

    Oops.

  19. Jason Cox

    Yikes. Hopefully this gets fixed before RTM.

  20. Matt Sharpe

    Unless this is changed before RTM, it looks like I’ll be changing UAC mode to “always prompt” on all my Windows 7 installations in the future!

  21. dj_cityboy

good job on bringing this to everyone’s attention, and it’s sad that MS is stating this was done by design, let’s hope by pulling this into the light, somethin’ will be done about it.

let’s just hope this gets fixed by RTM!

    peas
    cityboy

  22. Yert

    People have complained that UAC is useless, but the second someone gets the other half of their complaints, being “less annoying” (and let me tell you, run XP the way it is meant to be run – in a limited account, and you will know that UAC is a gift – the complainers are only admitting being mentally retarded when it comes to security) then it actually becomes useless!

    *sigh* Looks like I’ll have to do some baseline configuration when I first install a Windows 7 box because the default sucks.

  23. Fowl

    Perhaps it’s only “by design” in the beta to ease testing?

  24. Albert G.

    Thanks for posting this. I really hope MS fixes this before going retail, but if not, at least we’ll know now what setting to use.

    Oh, and the Vista’s UAC haters never really had any idea what they were talking about anyway.

    Thanks again.

  25. Good_Bytes

    Let’s all send a feed back explaining this issue!
    With the high number, Microsoft is sure to look into it.

  26. Long Zheng

    @Good_Bytes: That is the problem, everyone DID send feedback about this issue, and it had a lot of votes, but Microsoft shut it down and marked it as “by design”. Which is why we’re now here.

  27. Good_Bytes

Ah, now I understand..
But I think we need to try again.. I mean look under Vista when you maximize a window/program the borders turn blackish and the taskbar turns black opaque as well. Few people complained, Microsoft said it was by design, but they did change it in Windows 7, making the programs on Windows 7 unusable….

    I am sure more pressure will make Microsoft change it.

  28. Gus

    Anybody who complains about UAC itself is just too plain stupid.
    On all my machines, Windows and Linux, I run as unprivileged user, and it’s not much of a problem. OK, you need to tweak permissions on one or two registry entries and one or two files, but it sure is a lot less work than setting up your OS after a malware attack.
The real problem is how UAC was _implemented_ in Vista: if you want to, suppose, copy a folder with 2 EXEs into c:\programs, you have to answer several prompts, because UAC in Vista is not clever enough to see this as one action:
1 – You are about to do something that needs administrative privileges – OK to proceed?
2 – You are about to create a folder in c:\programs – OK to proceed?
3 – You are about to copy a program to c:\programs – OK to proceed?
This is the REAL UAC WTF – Windows should be clever enough to see this as ONE action:
1 – You are about to create a folder in C:\programs and copy two program files into it – OK to proceed?

  29. Gus

    I forgot something else to add to my above post:

    Software that needs full privileges for doing non-administrative tasks is just badly written. Ever since people changed from Windows 98 to 2000, separation of user accounts and separate access have existed for most users – that’s almost 10 years ago!!!
    IMHO, Microsoft should have discouraged users from running as admin years ago and should never have created the “power users” group.
    If software on other OSs can live without these privileges, Windows-SW should be able to do that as well. Maybe it’s time to get rid of all the old and badly written stuff, or talk to your suppliers about it.

  30. W7

    You’d think they have to fix this in the next release now that this has come to light. Submitting feedback on the issue can’t do any harm, even if it got us here in the first place.

  31. Jeroen

    This problem can be solved even simpler than your suggestion.

    Just like Cardspace, put the dialog to change the UAC settings on the secure desktop, so programs cannot interact with the UAC settings dialog. The problem is that changing the checks of whether or not to skip a UAC prompt will probably introduce more problems and a whole lot of work…

  32. Imran

    Bug it simple.

  33. Larry Seltzer

    Long Zheng,

    So could they block this attack by making the UI behind the applet that actually imposes the change force the user to confirm in secure desktop?

  34. Jordan

    Gizmodo has also mentioned/linked to this post and credited you.

  35. Todd Jolley

    Wow, forgot how much crap I left behind when I went to OSX.

    MS will never be able to secure their OS until they bite the bullet and make a clean break from how they architect their OS and move to a paradigm that the Unix and Unix-type OS’s have used for over 20 years.

    UAC is nowhere near as annoying on OSX: You try to install a program that accesses system level resources, you get a single prompt to put in your system password. The first time a program is run, you get a pop-up indicating the source of the program and where it came from. After allowing it to run, you never get bugged again.

    We’re coming up on 8 years of OSX (March 24th) with a grand total of 1 Trojan that was just released on pirated iWorks ‘09 last week, and 1 other malware program from a couple of years ago that only infects a Mac after the user did 5 specific steps, in order, to actually install it and give it access to the system.

Linux and Unix are pretty much in the same boat. Maybe there is something to this whole “users are not system admins by default” thing? Maybe MS should fix the underlying design flaw and deal with some broken software packages while the vendors fix their packages. Suffer the pain and fix the issue once and for all.

  36. Good_Bytes

Great, another Mac fanboy troll coming to a Windows topic to show off how Mac is better, when it clearly is not, and is full of issues. End of conversation.

  37. frymaster

    “Maybe there is something to this whole “users are not system admins by default” thing?”

what a brilliant idea. Why don’t we make all people run as limited users by default but, like the Linux “sudo” command, allow them to escalate to admin privileges without having to log off and log in again! we could call it “uac”…..

  38. Marc Klink

I suppose this is a big deal to some, but to me it also focuses attention on what has been wrong with Windows for (now, with 7 almost out) the past 2 iterations. Microsoft makes things difficult, or impossible, to do, and forces the users to yield or not use the product. The company does this to ostensibly save the user from ‘all the bad things’ out to get them in cyberspace. In doing so, those who are not idiots, and have an idea of how to keep a machine from being compromised, are left with systems that are effectively taken over by the Microsoft hive mind method of doing things.

    With each change lately, a few more will not surrender to the idea of Microsoft telling them where their programs can reside on their hard drives, how they can’t have a hierarchical structure of programs in the way that they please, or how those programs can be accessed in a start menu.

    Many will accede to the stupid and capricious will of the designers at Microsoft, who publicly criticize Unix structures, and then quietly and clumsily copy them for their own wants. These sheep will do so because they are sheep, but not everyone will.

    Rather than have all of this ‘lockdown’ affecting everyone, perhaps it would be better to suggest to Microsoft to, instead of having multiple flavors of 7 with few differences, to simply have a different distinction. Windows 7 for Beginners, the OS that will allow MS to dictate EVERY major and minor element, under the guise of safety, and Windows 7 Advanced, for those who wish to actually use the hardware and software they buy without annoyances, in the way they see fit.

  39. BA

    So basically, get the user to run a program to disable UAC to then run a program that can do stuff to the system.

    What if I don’t run your program? Can you disable my UAC without any effort on my part?

  40. Stuart Kelly

It is a shame that such a serious security issue has not yet been addressed. Hopefully Microsoft will fix this before the release candidate.

  41. Dennis

    Microsoft should not allow the average user to disable the UAC control and they should design it so that users have to enter their passwords, thereby making it more similar to the *nix OS designs. If users had no choice but to enter their password each time they made some change that could affect their system files, it might condition them into being more careful about the changes on the system that they allow. A prompt out of nowhere when you haven’t performed any recent actions would make more users suspicious and hopefully prevent a few infections or worse.

  42. Daniel

    A more responsible way to log these kinds of things, rather than taking it into your own hands…. http://www.zerodayinitiative.com/

    Great find, just imo, not done the right way.

  43. Mark

@longzheng – thanks, I didn’t realise it had been reported to Msft earlier through private feedback

  44. James G.

    Prompting for a password will just condition users to enter their password. Why don’t you stick to science, instead of unix-fanboyisms. It is better that a user not enter his/her password all the time, for obvious reasons.
    I blame the UAC haters for this issue in Win7, they complained and spammed message boards over and over until MS gave in, and now it’s insecure, and now the haters complain about THAT. Figures. MS should fix this, but probably won’t. There’s too many clueless lusers out there who don’t want the trouble of pressing yes/no and getting a screen blink for them to change it now. I really don’t blame MS, how can MS make a secure OS when everyone complains and names it ‘the top 25 tech flop’ etc. for their trouble, MS has to give the market what it wants, and the stupid lusers want an insecure OS. Just thank god we can switch it to secure mode in a few mouse clicks.

  45. ac

    windows 7 will come with free malware protection which I think will compensate for uac changes

  46. Corrine

    Enter my hero, Bill Pytlovany, developer of WinPatrol!

    WinPatrol to Plug UAC Security Flaw In Windows 7

  47. canchin

    This is just another reason why nobody should bother with any new OS release until at least Patch 2.0.

I moved from W98 to XP after Patch 2.0 came out and I haven’t had a single problem. I won’t bother with Vista – just like I never bothered with “Bob” or “Me” – and will not give MS my money until Windows 7 Patch 2.0, because I refuse to give MS my money so that I can pay them to allow me to be a Beta Tester.

    I figure, sometime in perhaps 4th quarter 2010 W7 will be ready for prime time.

    If there are no early adopters due to reports like this one showing MS isn’t interested in fixing the bugs found by Beta Testers and tech-savvy researchers, and MS sees themselves looking at another Vista debacle of low adoption percentages, perhaps they’ll actually listen to those like Mr. Zheng who are trying to help them.

  48. duane baker

i have one comp. with xp and my new comp. with vista. my vista is the only one on the internet. all i do is read email & surf the web online. i play war games, single player. i do not think i will update to windows 7 because vista is bad enough. in fact i think i will just drop the internet altogether because i’m already seeing another rip off by microsoft. they are laying off 30 thousand people. why doesn’t bill gates give those people a few billions he made off of people, instead of laying them off. what happens when people don’t jump on the band wagon of windows 7? i think dummies like me who bought vista should get a free upgrade to windows 7? thanks for listening to my gripe.

  49. duane baker

    THANKYOU””””’

  50. Jeffrey Byron

haha first thing I noticed was, that is not the icon for the security shield in Windows 7 on the first image, it’s the new yellow blue yellow blue shield, not the Vista red green blue yellow shield.

Anyway I’m sure Microsoft will work on this, that’s why they have betas. I’m not worried at all.

  51. Steve Coleman

    And to think just how long it took MS to “fix” the shatter attack (sending messages to a priv window to get admin privs, broken since NT 4.0 and finally fixed in Vista) and then they turn right around and reimplement a similar “feature” like this within two years time.

  52. Satish

    I feel like few others here that MS decided to label this bug “By Design” because of certain accessibility products or the functions used in certain products of large corporate users/ISV’s, which require automatic elevation at certain stages of their functioning without user interference.

Hopefully MS could patch this in a cleaner manner by
1. Prompting UAC to users when UAC settings are changed.
2. Providing a Group Policy by which other programs / admins who want to use automatic elevation can achieve it. (Maybe even the program names and signatures which will be allowed to do it are in Group Policy.)
3. Prompting UAC to users when group policies regarding UAC are changed (which will be only one time … say … during program installation).

  53. Aubrey

    I’m glad others besides me realize how important this is. Thanks for the link and for helping to get the issue out in the open. Hopefully Microsoft will recognize what a huge problem this is before RTM.

  54. martin

    so whats the code name of windows 7?
    i found this http://tinypic.com/view.php?pic=2uj7cxv&s=5

  55. loop

    what the hell are they thinking…critical vulnerability so lets ignore it…something fishy going on here..that or “by design” means that they have no way of fixing it or you either have to be protected fully or no protection at all through uac….no middle road here..idiots!!!!

  56. someone anonymous

    Well, the Action Center runs as a service, so what if you set the Action Center to Automatic and deny everyone else permission to change the startup state of the service in the registry?

  57. SireeBob

    *sigh* I think it was just a case of TL;DR (too long; didn’t read) for the Microsoft employee looking at the bug report. I suggest submitting another, but if this problem keeps getting attention, somebody at Microsoft with half a brain should hear about it anyway. These people are conditioned to assume all users are stupid, and sometimes they don’t even give bug reports like this a second thought.

  58. Master Guru

    Long,

    Thanks for the update, but would all you blogging folks now please correctly show home users how to create a user account and what to do when prompted for admin credentials….it is the right thing to do.

  59. Good_Bytes

    @martin , this is fake.
    Longhorn is Vista. (NT 6.0 (yea still NT even if in reality it’s a new core… it should NNT (New NT, or New New Technology), or some other name… but wtv)
Windows 7 is NT 6.1. Project name of Windows 7 is…. Windows 7. Why 7? Because it’s the 7th release of Windows for non-server computers.

  60. Good_Bytes

    @SireeBob , that is an unfair statement.
Do you think the programmers get these things? No they don’t!
It passes through filters (people deleting useless feedback like “YOU SUKX!!!!!111111 one one one one”), then it gets regrouped, and goes to some manager (like most companies they don’t know jack shit about computers), who reads them and decides the following:
    – “I have to see the project engineer working on the appropriate part of Windows to seek for a solution”
    – “It looks too complicated to fix, screw it”
    – “I know best! I think the project engineer would agree that it was by design.. I won’t bother them”
    – “It’s an easy fix, let’s fix it”
    – “We got better priorities, because I think that UAC (which I have no clue what that is) is unimportant”

  61. agcd07

Doesn’t the user still have to download and copy the application into their startup group or registry to get it to emulate the keyboard shortcuts in the first place? Wouldn’t automating that process trigger the UAC alert? Maybe this is why Microsoft doesn’t really care about fixing it, because it can never be fully automated.

  62. Good_Bytes

    Yes, if you put the security bar to the max, I think (Won’t that be Vista behavior?)

  63. Albert

If the programs must have this “certificate”, how did you manage to get the certificate for the program you and Rafael created?

  64. Bill Melater

    This is what happens when your developers are from other countries, taking orders from U.S. management, and do not understand the requirements.

  65. Daniel

    A more responsible way to log these kinds of things, rather than taking it into your own hands…. http://www.zerodayinitiative.com/

    Great find, just imo, not done the right way.

You got your answer that it’s by design, you’re not happy with it… don’t use it. Simple really.

  66. Long Zheng

    @agcd07: No. They can download a malicious application (VBS, EXE) and save it to their desktop. Then double click on it. No UAC prompts at all.

  67. agcd07

@Long Zheng: If the user has to download and double click on it, then what’s the security risk? How is this a security flaw? Next they’re going to say your surge suppressor has a security flaw because the end user could switch it off while the computer is on.

  68. Good_Bytes

    @agcd07 , no because Vista doesn’t have this issue…
    It’s sad to see Vista more secure than Win7.

  69. Long Zheng

    @agcd07: You’re assuming hackers and people with truly evil intent are as considerate and forthcoming as Rafael and I.

The point is, the code that is used to disable UAC entirely can be run in low-privilege mode. The method by which the code gets on the system can be many and unpredictable. A download is a simple example for a proof-of-concept, but other possibilities include remote code execution via a browser, a “trusted” download becoming infected and other Windows security vulnerabilities.

    This is a security flaw not because of how it is executed, but how the security system is designed. A prison where a prisoner can turn off the entire prison without tripping an alarm is a bad prison.

  70. agcd07

    @Long Zheng: Ok, I understand now. But you are talking about automating keystrokes. Couldn’t far more damage be done with enough keystrokes, UAC aside? The keystroke automation thing can be applied to hundreds of different things. Maybe MS should think about how easily keystroke automation can take advantage of things.

  71. Long Zheng

    @agcd07: Keystroke automation has its uses. This UAC flaw however is more important than anything else because once UAC is disabled, everything else can be manipulated without keystroke automation by a full-privileged malicious application.

  72. Leo Davidson

    The UAC whitelist is anti-competitive, as well as being badly designed/secured.

    Users cannot add 3rd party components that they use & trust to the UAC whitelist. Only Microsoft’s own components can be on it. So, for example, third party file managers have to display at least one UAC prompt to get admin access while Microsoft’s Explorer does not. That isn’t an even playing field.

    Similarly, users cannot remove Microsoft’s components from the UAC whitelist. So if you do not use Explorer but do want the whitelist (which is on by default), you are forced to leave the security hole open for Explorer even though it doesn’t benefit from you. Explorer’s UI isn’t isolated like an admin process is — its windows have “medium integrity” — so there doesn’t seem to be anything to stop it being remote-controlled via mouse & keyboard events. (As the VBScript in the root post proves!) Which is an okay trade-off if you use it but a stupid security hole if you don’t. (And it seems stupid for the UAC control panel itself to be on the whitelist.)

    Sadly for me (a file manager nut), people don’t seem to care much about anti-competitive behaviour that affects anything other than web browsers, so nobody AFAIK has picked up this story, although I did mail a bunch of sites about it.

    More details here, including a confirmation from Microsoft:

    http://www.pretentiousname.com/misc/win7_uac_whitelist.html

  73. asf

    @Leo Davidson: I’m with you all the way on this. They do the same thing with MSI, use MSI or no logo for you, I don’t understand how they get away with it.

  74. Bryant

    @asf

    They get away with it because it’s their OS. If you have a problem with it, buy a Mac (keep in mind that Apple is considering similar measures now that Mac marketshare is increasing after seeing how successful “approved applications” can be through the app store) or use Linux.

    As for Leo Davidson’s post, I disagree with most of the FUDmongering except for the bit about explorer having unlimited admin access while holding medium integrity. That’s definitely a design flaw.

  75. Leo Davidson

    @Bryant,

    What, exactly, was “FUDmongering” about my post? Everything in it is a verifiable fact and the inability to change the whitelist confirmed by MS.

    And how, exactly, would switching to another platform solve my problem when you yourself say the vendor of that platform can be even worse than Microsoft and when it doesn’t run the apps I want to run?

You’re using the idiotic “if you don’t like it then move” argument. Please don’t do that. I like Windows in general, but not this particular aspect of Windows 7. If I didn’t like Windows and wanted to use OS X or Linux then I wouldn’t bother raising issues about it. I want Windows to be as good as possible. I want Microsoft to give the user control over their machine and give developers a level playing field. If your answer to every possible problem is “go use something else” then you will quickly run out of things to use.

    As for “because it’s their OS” you may have heard of the anti-trust trials in both the USA and the EU which say that just because it’s their OS does not mean they are allowed to give special treatment and backdoor APIs to their applications.

  76. DK

    This is a stupid post. If you have a malware running under Administrator privileges on your machine, changing UAC would be the last thing it would do, after copying your files to an unknown ftp site in China, tapping into your keyboard strokes for credit card and other info, copying off any passwords to the remote site and formatting your hard disks. I guess you are not too worried about all that I guess.

    Get a life dude, if you have a trojan running under Admin privileges on your machine, it is GAME OVER. (Of course you cannot get cheap popularity by overblowing things)

  77. Leo Davidson

    @DK, the point is that UAC is supposed to prevent things from running with admin privileges but, by default on Windows 7, there is nothing to stop something without admin privileges from turning off UAC (if you are logged in as an admin, which is what UAC is supposed to allow us to do without giving all apps admin privileges).

    It’s annoying that so many people don’t even grasp what UAC does yet feel the need to bash the root post with such strong statements.

  78. Don

    OK guys, it’s one thing to keep on arguing about the implementation details of all this. I can boil down my issue with this down to something real simple. The default UAC setting on a freshly installed Windows 7 beta machine reads:

    “Notify me only when programs try to make changes to my computer.”

    Rafael’s VB script, which is a program, is able to circumvent the notifications that this default setting claims I will receive.

    Now if everything really is by design as Microsoft say, then perhaps the text above needs to be modified to be more clear on what the policy actually means.
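An added audit check, written for this page and not taken from the post or any commenter, that reads the three registry values behind the Windows 7 UAC slider and reports whether the machine is short of “Always notify”, the slider position at which the UAC applet itself still prompts. The registry path and value names are the standard UAC policy settings; the sample values fed to the function are constructed.

```powershell
# Added example (not from the original post): audits the UAC slider position by
# reading the policy values the Windows 7 control panel slider writes, and flags
# anything short of "Always notify". No value below is taken from the page.

function Get-UacLevel {
    [CmdletBinding()]
    param(
        # Constructed input for offline use: pass a hashtable instead of reading the registry.
        [hashtable]$Policy
    )

    $path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    if (-not $Policy) {
        $item   = Get-ItemProperty -Path $path
        $Policy = @{
            EnableLUA                  = [int]$item.EnableLUA
            ConsentPromptBehaviorAdmin = [int]$item.ConsentPromptBehaviorAdmin
            PromptOnSecureDesktop      = [int]$item.PromptOnSecureDesktop
        }
    }

    $lua    = [int]$Policy.EnableLUA
    $admin  = [int]$Policy.ConsentPromptBehaviorAdmin
    $secure = [int]$Policy.PromptOnSecureDesktop

    # Map the three values to the four positions of the Windows 7 slider.
    $level = if ($lua -eq 0) {
        'Never notify (UAC disabled)'
    } elseif ($admin -eq 2 -and $secure -eq 1) {
        'Always notify'
    } elseif ($admin -eq 5 -and $secure -eq 1) {
        'Notify me only when programs try to make changes to my computer (default)'
    } elseif ($admin -eq 5 -and $secure -eq 0) {
        'Notify me only when programs try to make changes to my computer (do not dim my desktop)'
    } else {
        "Custom (ConsentPromptBehaviorAdmin=$admin, PromptOnSecureDesktop=$secure)"
    }

    [pscustomobject]@{
        Level                      = $level
        Hardened                   = ($lua -eq 1 -and $admin -eq 2 -and $secure -eq 1)
        EnableLUA                  = $lua
        ConsentPromptBehaviorAdmin = $admin
        PromptOnSecureDesktop      = $secure
    }
}

# Constructed sample: a freshly installed Windows 7 beta box at the default slider position.
$defaultBox = Get-UacLevel -Policy @{
    EnableLUA                  = 1
    ConsentPromptBehaviorAdmin = 5
    PromptOnSecureDesktop      = 1
}
$defaultBox | Format-List

if (-not $defaultBox.Hardened) {
    Write-Warning "UAC is at '$($defaultBox.Level)': signed Windows settings applets, the UAC applet included, will not prompt."
}

# On a live machine, call Get-UacLevel with no arguments to read the real values.
```

Run it as part of a build or login check and alert on `Hardened -eq $false`; a change of these values on a machine that was previously at “Always notify” is exactly the event the post says the default setting lets pass without a prompt.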

  79. Long Zheng

    @DK: I thought you’d know better for someone working at Microsoft. If you had read the post correctly you’d know the malicious code is running with standard user privileges and would be able to turn off UAC.

  80. Chris Lees

    @ Todd Joley: It’s a case of the pot calling the kettle black. The Windows 7 flaw allows a running program to silently turn off UAC. There was a Mac OS X flaw since the very beginning that allowed a running program to silently gain root access and, if it wanted, turn off OS X’s sudo functionality as well. This depended on the presence of a setuid Cocoa program (the entire exploit was a single line of AppleScript). When Apple shipped Tiger, it came with a setuid Cocoa program that could be exploited – ARDAgent. Apple was warned 4 years ago of the potential problem by one of its own security consultants, but ignored the problem until August 2008.

    If the malicious Windows 7 program is run under a limited-only user account, UAC kicks in to stop the malicious program. The OS X exploit ran successfully under a limited-only user account.

    So, before you criticise Microsoft for badly engineering their operating system, take a look at Apple’s history. The website http://www.rixstep.com has a lot of information about security flaws and potential data loss problems that are still present in OS X.

  81. Richard Wooding

    Perhaps Microsoft should look at the Linux equivalent of UAC. Much less annoying but provides the same level of protection.

  82. REM

    It’s a release candidate so they will change very little. I tried to ask and have stuff changed when I was beta testing Vista and they would not change anything.
    Don’t get your hopes too high. This is just a remake of the almighty Vista.

    This is why I no longer use Microsoft products and only Linux.

  83. Good_Bytes

    What is sad but true, is I think that Windows Vista 64-bit (not 32) [NT 6.0] is actually better than Windows 7 [NT 6.1]. Like Windows 2000 (NT 5) was better than XP (NT 5.1). Sure, you have less features, and that the kernel and many other things are less optimized, but security wise and usability (maximize windows border and superbar doesn’t change to opaque and dark colored) and more and indeed better. And I think I can live without Aero snap and the superbar.. I mean I lived without them since Windows 3.1 and DOS times.

    To say the truth if RC of win7 doesn’t change a lot of things, I might stay with Vista and perhaps change to Win8.

    Well who knows maybe Win7 SP2 will save it. :rolleyes:

  84. Damn

    I haven’t seen such a holy shit like this :(
    Try doing some agriculture business :) , it better suits you

  85. Patrick

    Dear Long,

    Could you please email me regarding another UAC flaw. I would prefer not to detail it on your site at this stage.

    Regards,

    Patrick

  86. Andrew

    Good grief can’t Microsoft fix this whole least-privilege issue yet?
    Mainframes have been doing it since, what, 1965 or something. Letting the users play with the OS is a good way to ensure the computer won’t work when you need it. Having only a single privileged user was OK on toy computers before anything was networked, but that was 30 years ago.

    I was glad to see that the “user accounts” page recommends a standard account, and no longer calls it “limited” like in XP. But the “keep-clicking-OK” install only gives you a single administrator account. Duh.

    “free malware protection” – ever heard of zero-day exploits? Antivirus only protects against old vulnerabilities (though, yes, those can be quite enough to enable conficker or whatever)

    “Perhaps Microsoft should look at the Linux equivalent of UAC. Much less annoying..” – if that’s SELinux, I disagree (that it’s not annoying). It isn’t turned on for most stuff yet. Try running an antivirus email filter, or a webserver that isn’t bog-standard Apache running off the lone system disk.. Same thing – turn it off or go insane trying to write rules or get RedHat to patch the official version.

    Running unprivileged is such an effective, free, and generally easy defence against malware, viruses and general stupidity that it ought to be the out-of-box standard. Letting malware change your privilege level negates the whole point of doing it in the first place – it is a privilege-escalation exploit, and needs to be fixed as the serious security bug that it is.

  87. Pat

    Naive people should stick with a Mac or Leapfrog. They’re limited and pretty.
    People don’t write viruses or malware for platforms that aren’t widely adopted.
    Don’t run programs you don’t know the origin AND function of.
    Don’t get mad at companies because they listened to your complaint when you cried wolf on UAC the first time and ignore you when you admit you were wrong in the first place. They know no matter what they do you’ll complain.

  88. Wes

    Why don’t they remove the certificate from the UAC windows setting?


  97. Blogger Finds Security Hole in Windows 7 Beta | KeithsLounge.com

    [...] A blogger recently discovered that UAC can be completely disabled by emulating keystrokes using VBScript. He decided to pass on the ransom and make his discovery public. Read full story here. [...]

  98. Security hole found in Windows 7? | Tech Support Team Blog

    [...] researcher Long Zheng has shown how an attacker could bypass the User Account Control (UAC), although he’s also [...]

  99. Why upgrade to Vista when Windows 7 will be here soon? | OS Attack

    [...] Long Zheng posted a while ago about the change with UAC in Windows 7 that essentially makes it less secure than Windows Vista. Rafael of Within Windows then posted about applications that have been whitelisted and are automatically elevated to the highest UAC level. Windows 7 is new and there are bound to be flaws found in it. Vista however has now been out for 3 years and has been highly criticized for being overly secure. [...]

  100. matt’s blog » Blog Archive » Windows 7 UAC — Door is Wide Open

    [...] news circulating around today about UAC in Windows 7. The guys at istartedsomething.com write about it in detail…. By default, Windows 7’s UAC setting is set to “Notify me only [...]

  101. UAC in Windows 7 is a complete misunderstanding | Gry 3D

    [...] especially this presentation). To avoid any misunderstanding, this is not the same problem that allowed UAC to be disabled by sending keystrokes (Microsoft fixed that problem). Microsoft is probably not interested at all [...]

  102. Pearl Tech » Blog Archive

    [...] in the week, independent researchers Rafael Rivera and Long Zheng described an exploit that could turn off the UAC prompt, which typically notifies the user of [...]

  103. In Windows 7 the pathetic “win-security” continues | Carlos Zayas Guggiari

    [...] Sacrificing security for usability in Windows 7: http://www.istartedsomething.com/20090130/uac-security-flaw-windows-7-beta-proof/ [...]

  104. Windows 7 has a serious security problem with UAC

    [...] more information | i started something: Sacrificing security for usability. More information | i started something: Microsoft dismisses Windows 7 UAC security [...]