Windows 7 Forums


Windows 7: Windows 7 UAC Feature Still Vulnerable

18 Jun 2009   #11
SIW2

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

I think you'll find the default setting for UAC on 7 is the same as in Vista.

That is not susceptible to this type of exploit.

It is only if you turn it down (no darkened desktop) that it becomes less secure - obviously.

MS are simply giving people the choice.


18 Jun 2009   #12
ikilledkenny

Windows 7 Professional, Windows Longhorn 4074
 
 

You see, I thought that the default setting was that one level lower than the Vista UAC setting.
18 Jun 2009   #13
SIW2

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

They have reduced the number of prompts required in some multi prompt scenarios involving Windows applications.

The behaviour for non-Windows elevations is the same as it was for Windows Vista.

18 Jun 2009   #14
dmex

 

Quote: Originally Posted by SIW2
I think you'll find the default setting for UAC on 7 is the same as in Vista.

That is not susceptible to this type of exploit.

It is only if you turn it down (no darkened desktop) that it becomes less secure - obviously.

MS are simply giving people the choice.
The default Vista setting is High, Windows 7 uses one down that permits the majority of Microsoft's software to run without prompting. You can also turn off ScreenDarkening without affecting any other UAC policy via the Local Security Policy settings.

Quote: Originally Posted by SIW2
They have reduced the number of prompts required in some multi prompt scenarios involving Windows applications.

The behaviour for non-Windows elevations is the same as it was for Windows Vista.
Unfortunately no, Microsoft are able to reduce the amount of prompts by checking executables for a specific Microsoft signature and auto-elevating any signed executable that matches that signature.

UAC is completely different from Vista's UAC. A non-Windows application can gain Administrative permissions without a single prompt with Windows 7's default configuration, hence why these changes have become a big issue; on Vista it can't be done.

Microsoft have always said UAC is not a security feature. It used to be on Vista but it's not on Windows 7. It will not prevent an application from gaining administrative permissions even if you deny consent to the elevation.
18 Jun 2009   #15
SIW2

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

Thanks dmex,

I was quoting from Mark Russinovich

Quote:
we reduced the number of prompts in several multi-prompt scenarios (for example, installing an ActiveX control in IE)
He did also say this:

Quote:
we further refactored the system such that someone with standard user rights can execute more tasks.

The reason that elevation of (most) Windows executables in the two middle settings doesn't result in a prompt is that the system "auto elevates" Windows executables... it must be digitally signed by the Windows publisher, which is the certificate used to sign all code included with Windows (it's not sufficient to be signed by Microsoft, so Microsoft software that's not shipped in Windows isn't included); and it must be located in one of a handful of "secure" directories. A secure directory is one that standard users can't modify
and this:

Quote:
The behaviour for non-Windows elevations is the same as it was for Windows Vista...From the perspective of malware, Windows 7's default mode is no more or less secure than the Always Notify mode ("Vista mode")
So it is the middle one that might be problematic, I suppose.

He might be trying to downplay the risk.
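
The slider levels argued over in posts #11 to #15 correspond to three UAC policy values in the registry, so the level a machine is actually running at can be read rather than guessed. The following is an added example, not part of any post in this thread; the function name `Get-UacLevel` is hypothetical, and the value-to-level mapping is the standard one for the UAC policy key.

```powershell
# Added example: report which UAC level a machine is running at.
# Read-only; does not need elevation.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {
    # Hypothetical helper: classify the three UAC policy values.
    param(
        [int]$EnableLUA,
        [int]$ConsentPromptBehaviorAdmin,
        [int]$PromptOnSecureDesktop
    )

    if ($EnableLUA -eq 0) {
        $level = 'UAC disabled'
    } else {
        $level = switch ($ConsentPromptBehaviorAdmin) {
            2       { 'Always notify ("Vista mode")' }
            5       { 'Default (Windows executables auto-elevate)' }
            0       { 'Never notify (elevate without prompting)' }
            default { "Custom policy value $ConsentPromptBehaviorAdmin" }
        }
    }

    [pscustomobject]@{
        Level         = $level
        # 0 means the prompt is shown without the darkened secure desktop.
        SecureDesktop = [bool]$PromptOnSecureDesktop
        # True only for the top slider position: prompt on every elevation,
        # shown on the secure desktop.
        IsAlwaysNotify = ($EnableLUA -ne 0 -and
                          $ConsentPromptBehaviorAdmin -eq 2 -and
                          $PromptOnSecureDesktop -eq 1)
    }
}

# Read the live values and classify them.
$p = Get-ItemProperty -Path $PolicyKey
Get-UacLevel -EnableLUA $p.EnableLUA `
             -ConsentPromptBehaviorAdmin $p.ConsentPromptBehaviorAdmin `
             -PromptOnSecureDesktop $p.PromptOnSecureDesktop
```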
18 Jun 2009   #16
Copyright

Windows 7 x64 7229
 
 

I disabled UAC anyways. Plus barely anyone would want access to my **** computer in the first place lol.
18 Jun 2009   #17
holo88

Windows 7 Ultimate x32
 
 

Quote: Originally Posted by Copyright
I disabled UAC anyways. Plus barely anyone would want access to my **** computer in the first place lol.
eeh..heerm
see my specs ....
I'm hoping some hacker will feel bad for me and use my credit card to buy me a new computer.
18 Jun 2009   #18
Copyright

Windows 7 x64 7229
 
 

Quote: Originally Posted by holo88
eeh..heerm
see my specs ....
I'm hoping some hacker will feel bad for me and use my credit card to buy me a new computer.
Haha I have an eMachines T2682 and a T2893 right next to me, from like 2006.
18 Jun 2009   #19
holo88

Windows 7 Ultimate x32
 
 

Quote: Originally Posted by Copyright
Haha I have an eMachines T2682 and a T2893 right next to me, from like 2006.
MFC date on my MoBo is 2004, downright dinosauric for technology standards.
18 Jun 2009   #20
ikilledkenny

Windows 7 Professional, Windows Longhorn 4074
 
 

I have a desktop with a 2002 MFC date