Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is UAC really secure?


12 May 2010   #1

Windows 7 Enterprise x64
 
 
Is UAC really secure?

I'm seriously considering dropping the UAC settings on my primary rig. Why? There's no real reason to keep it. It only provides a false sense of security. Check out this artice: CLICK ME


My System SpecsSystem Spec
.

12 May 2010   #2

Windows 7 Ultimate x64
 
 

Well, the article was written nearly 1 year ago...before Windows 7 was actually released.

Second, nothing in the software world is perfect. So, it seems kinda silly to dispense of something that might have a few shortcomings if it could work in many other ways. I mean I would never stop running an antivirus just because it didn't have protection against 1 particular virus or exploit.

Personally, I don't have issue with UAC and simply leave it enabled. I've always been confused by those who are tormented by UAC....i simply don't hardly ever see it.
My System SpecsSystem Spec
12 May 2010   #3

Windows7 Ultimate 64bit
 
 

Wow, finally someone that agrees with me...

Btw, FYI: that flaw is fixed... That flaw is no more. It's simply that several Windows subsystems will auto elevate (back then) without user consent, many disagrees, MS patched the behavior, all is well

zzz2496
My System SpecsSystem Spec
.


12 May 2010   #4

Windows 7 Enterprise x64
 
 

Quote   Quote: Originally Posted by pparks1 View Post
Well, the article was written nearly 1 year ago...before Windows 7 was actually released.
True enough, but it's still relevant for Windows 7 users.

Quote   Quote: Originally Posted by pparks1 View Post
Second, nothing in the software world is perfect. So, it seems kinda silly to dispense of something that might have a few shortcomings if it could work in many other ways. I mean I would never stop running an antivirus just because it didn't have protection against 1 particular virus or exploit.
Neither would I, but that's not at all the case with UAC. One of the "few shortcomings" UAC has in Windows 7 is it allows third party software to automatically elevate. This completely defeats the entire purpose of UAC, rendering it useless in my opinion.

Quote   Quote: Originally Posted by pparks1 View Post
Personally, I don't have issue with UAC and simply leave it enabled. I've always been confused by those who are tormented by UAC....i simply don't hardly ever see it.
I do maintanance on my rig often. Every application I use for this get's a UAC prompt [CCleaner, Registry Clean Expert, Diskeeper 2010...etc...etc]. Torment is an overstatement, but it is quite annoying at times. Why leave it enabled if it doesn't secure my rig like intended?

I currently have it enabled anyway, but I'm considering disabling it.
My System SpecsSystem Spec
12 May 2010   #5

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by MadMaxData View Post
I do maintanance on my rig often. Every application I use for this get's a UAC prompt [CCleaner, Registry Clean Expert, Diskeeper 2010...etc...etc]. Torment is an overstatement, but it is quite annoying at times. Why leave it enabled if it doesn't secure my rig like intended?
Fair enough. I keep my computer as clean as possible every step along the way, so I don't find it necessary to run things like reg cleaners and the like...because I don't install anything that I don't intend to keep. When i do want to play and poke around, I always do it in a virtual machine.

I do see it from time to time when I run things like a system backup, etc...but I only do something like that once or twice a week...so no big deal.

I would just disable it and see how it goes for you. You won't be any worse off than users on Windows XP.
My System SpecsSystem Spec
12 May 2010   #6

Windows 7 Enterprise x64
 
 

I guess the point I'm trying to make is this. If third party software, such as malware, can bypass the UAC, and automatically elevate the application, then what's the advantage in using UAC? I can only imagine that malware developers write their programs to execute code at an elevated level as their standard. This renders UAC completely useless.

I suppose I was wanting someone/anyone to offer up a good reason to keep it enabled. If there is a real [as opposed to imagined] advantage to keeping it enabled, then I will. Otherwise, it's getting disabled.
My System SpecsSystem Spec
12 May 2010   #7

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by MadMaxData View Post
I guess the point I'm trying to make is this. If third party software, such as malware, can bypass the UAC, and automatically elevate the application, then what's the advantage in using UAC?
I thought that article specifically stated that 3rd parties were unable to auto escalate. From page 2 of the article
Quote:
Fortunately, third parties aren't able to automatically elevate
The point of that article is that Microsoft's own software can auto escalate and thus reduce the point of UAC. However, for 3rd parties....malware included....cannot. It's a questionable practice for sure...not really practicing what you preach.

Quote   Quote: Originally Posted by MadMaxData View Post
I can only imagine that malware developers write their programs to execute code at an elevated level as their standard. This renders UAC completely useless.
Clearly you didn't read the whole article or understand the point that I made above. 3rd parties cannot auto escalate as their standard. It doesn't work for them...unless they are of course...Microsoft.

And remember, you were mentioning all of your 3rd party apps that forced you to click on the "OK" button...clearly these guys aren't able to silently "auto escalate" to get around annoying you.
My System SpecsSystem Spec
12 May 2010   #8

 

Another point - disabling UAC is akin to logging in as root on a *nix box - you just don't do it.

If you seriously get too many notifications from UAC per day, then you're either 1) rebooting your machine too often, or 2) running too many optional apps that require elevated privileges for whatever reason.

BTW, for future reference - don't change the text of a link to "Click Me" - it is exactly that sort of behavior that we try to get novice users to avoid when they are online, without first verifying the link. The board software here has a neat feature that will automatically parse the pages title and make it the text of the link, like this:

Opinion: Windows 7's UAC is a broken mess; mend it or end it | Vista Home
My System SpecsSystem Spec
12 May 2010   #9

Windows 7 Enterprise x64
 
 

Quote   Quote: Originally Posted by pparks1 View Post
Clearly you didn't read the whole article or understand the point that I made above. 3rd parties cannot auto escalate as their standard. It doesn't work for them...unless they are of course...Microsoft.
Umm, actually I did understand the article, and your point. Wow, I can't believe you just said such a thing. You don't have any third party software on your machine that silently elevates without a UAC prompt? I've got a ton of it. I didn't need to read an article to know that...LOL

Quote   Quote: Originally Posted by pparks1 View Post
And remember, you were mentioning all of your 3rd party apps that forced you to click on the "OK" button...clearly these guys aren't able to silently "auto escalate" to get around annoying you.
Not all my third party applications, just a few. Third party software does indeed have the ability to silently elevate. I have plenty of third party software on my machine that does just that. In fact, most of them. Which is cause for concern, because malware programs can do the exact same thing. I think I lost you somewhere down the line.
My System SpecsSystem Spec
13 May 2010   #10

Windows 7 Enterprise x64
 
 

Quote   Quote: Originally Posted by johngalt View Post
BTW, for future reference - don't change the text of a link to "Click Me" - it is exactly that sort of behavior that we try to get novice users to avoid when they are online, without first verifying the link. The board software here has a neat feature that will automatically parse the pages title and make it the text of the link.
A text link is a text link. It doesn't matter if it "sounds legitimate." Instead of teaching novices not to click on text links, perhaps they should be taught to hover over the link, and check it in the status bar before clicking on it?
My System SpecsSystem Spec
Reply

 Is UAC really secure?




Thread Tools



Similar help and support threads for2: Is UAC really secure?
Thread Forum
Just how secure do you need to be? System Security
Is EFS secure? System Security
Secure System Security
So how secure you are really ? System Security
How Secure Is Your PDF? Security News
Which is Overall more Secure ? Vista or Win 7 ? System Security
Is this secure? Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:03 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33