Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 UAC Fix Doesn't Address UAC's Fatal Flaw


06 Feb 2009   #1

Windows 7 Ultimate x64
 
 
Windows 7 UAC Fix Doesn't Address UAC's Fatal Flaw


Converging on Microsoft

by Mitchell Ashley

Wow, that was a fast turn around from Microsoft, something we're definitely not used to. Microsoft quickly changed their position on the UAC notification default setting issue in Windows 7, due to the vulnerability River and Zheng found where malware could change the notification setting on a compromised computer without the user's knowledge. Rather than going back to the same setting Vista used, which would have created the Vista UAC nightmare all over again (resulting in users disabling UAC altogether), Windows 7 will require user prompting whenever this notification setting is changed. Microsoft is being less specific about a second change to Windows 7 that "prevents all the mechanics around SendKeys and like from working". The two changes effectively renders the problem River/Zheng found moot. But this solution doesn't solve the core user experience flaw with UAC, as I'll talk about in a moment.


More;Windows 7 UAC Fix Doesn't Address UAC's Fatal Flaw | NetworkWorld.com Community


My System SpecsSystem Spec
.

06 Feb 2009   #2

Windows 7 Ult, Windows 8.1 Pro,
 
 

If they want users to keep UAC turned on Microsoft will need to have a program approval system for the programs we use most often. This would keep us from having to click a program once to open then click again to approve. If they don't do that UAC will continue to be turned off by users. I like the idea of UAC but it needs to have some type of program approval system or it will always be too much trouble to use.
My System SpecsSystem Spec
07 Feb 2009   #3

XP Pro, Windows 7 Ultimate 64 & 32 Build 7022
 
 

My System SpecsSystem Spec
.


07 Feb 2009   #4

7068 64 bit + XP Pro
 
 

I can handle having to confirm that i want that crap turned off . Better than having to confirm every other thing i do. Probably a good thing for the Noobs though .

I have been running XP for about 4 years without installing a single MS security update and never have security probs. My third party software has always been up to the job .
My System SpecsSystem Spec
08 Feb 2009   #5

Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
 
 

i know the perfect fix for this and MS would only have to change a little thing...

it would be to force a UAC prompt when changing the UAC...
and it has to make the message more reasonable...

something like it has been detected that are changing the UAC...
unless your are changing it yourself you should not allow this unless your are changing the UAC (and for a bonus [unless you know what UAC even means you shouldn't change it as this a security measure that is there to protect you without getting in your way])....

something like that...

which is what they did and this breaks the flaw...
now that cake flaw....
My System SpecsSystem Spec
08 Feb 2009   #6

XP Pro, Windows 7 Ultimate 64 & 32 Build 7022
 
 

Cake, did someone mention cake?
My System SpecsSystem Spec
10 Feb 2009   #7

Windows 7 RC
 
 

I don't understand this.... People will install third party security anyways. It's not like XP had UAC...
My System SpecsSystem Spec
10 Feb 2009   #8

XP Pro, Windows 7 Ultimate 64 & 32 Build 7022
 
 

Quote   Quote: Originally Posted by aeriolewinters View Post
I don't understand this.... People will install third party security anyways. It's not like XP had UAC...
True but XP has serious security flaws, if it wasn't for 3rd party software XP would have died a long time ago. The UAC is making security a little tighter & more reliable but it has its flaws that M$ denies are there & we know, I mean come on. What I'm trying to say is that even though we still install 3rd party antivirus, try living without any AV for a week with the UAC turned all the way up & then give me your results.

BTW, welcome aeriolewinters, nice to have you.

Mike
My System SpecsSystem Spec
10 Feb 2009   #9

Windows 7 RC
 
 

Quote:
True but XP has serious security flaws, if it wasn't for 3rd party software XP would have died a long time ago.
I understand, but I think it's an overreaction on the part of the end-users.... As switching off UAC is the problem, which requires the user to do it. And this is actually key, since as we said... XP has no UAC... but 3rd party software is the reason XP was afloat. This issue is a non-issue, since you can probably install 3rd party software on top of Windows 7 for security. And anyways, It's the vista whiners society that caused this problem in the first place, It's not like UAC isn't in Linux...
My System SpecsSystem Spec
10 Feb 2009   #10

7068 64 bit + XP Pro
 
 

I think a lot of people feel they need the same security as financial institutions etc, or large networks with lots of people yapping to their friends on Messenger .

Nobody is going to bother trying to use some exploit to hack me when they would be better off trying it on the local grocery store.

The security industry, just like the weapons makers, have made zillions of dollars by exploiting peoples fears.

I'm not playing their game.
My System SpecsSystem Spec
Reply

 Windows 7 UAC Fix Doesn't Address UAC's Fatal Flaw




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:09 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33