basically I am guessing if they made the change he wants then when toggling the setting you would get a UAC prompt, a small price to pay to fix the exploit I guess.

I disable it myself anyway.

Please keep in mind, this is a Bootkit exploit: Someone has to physically sit down at your computer and use corrupted media to boot the system. It cannot be downloaded, eMailed as an attachment, clickstreamed, hidden in a file for later execution, or any of the other ways people try to hack into your computer.

Also - Keep in mind this is the same way into a computer that technicians use to wipe a forgotten password.


Quite frankly, I'm having a hard time understanding why people appear to have so much sand in their vaginas over this. If Someone Has Physical Access To Your Computer, Then What's Preventing Them From Simply Stealing The Hard Drive? Or Stealing The Whole Thing Outright?

Looks like some of us will need to go back to using an Antivirus program full-time once again

Im guessing the decision not to fix UAC is a direct result of people like myself who have very good experience using computers who do not use an Antivirus, I can identify trojens and virus's before they are executed and have been able to run without an Antivirus for two years now without a single infection while downloading at least 80gb of data a month (least I do ) Ive tested my system each time a new AV product version has been released and have not found one infection in two years and I can thank UAC for giving Power Users the ability to dump their AV permanently like myself and others have.

Why change a perfectly good security model just for (noobs!) one that completely defeats the purpose of putting it into the system in the first place? Its not like users cant find and change UAC settings If its not fixed then It should just be removed because no one will continue using it, especially if it doesn't offer the security it once did and what people have come to expect.

Microsoft seriously needs to prevent any automated tampering of UAC controls by applications otherwise its not worth anyone ever using and as it stands right now, UAC is dead weight and offers users nothing for the annoyance it causes. I will disable it on all machines I build and sell in the future and advise customers it offers them zero protection

I think that UAC was created to prevent unauthorized changes to your computer. If someone can turn it off without being authorized to do so, than that's just plain ironic, as well as useless.

For years, Windows has been the choice of computer compainies around the world. Since the 90's, UAC didn't exist, and people didn't have many problems. I think UAC is overrated, but it can be handy when you go to one of those websites that you just can't trust.