Every process has access to free, silent elevation! Proof of concept video
Posted: 19 Feb 2009
Oh boy. This guy shows that because of the way the new UAC whitelist works, it is possible to run any command with elevation and not raise a single UAC prompt!
This first video gives some info about how the UAC whitelist works:
nice read garbanzo. Since I am admin, I run high all the time. Nevertheless, if this isn't fixed, a lot of users will install this, and run their own accounts as admin and won't think to either change account type or raise UAC elevation... scary as hell
the scary part about this is not that stupid users can misuse it, it's that it can be used maliciously! even with UAC on, malicious code can use the methods this guy is using to basically take control of a user's system without them knowing about it.
at first the UAC whitelist just pissed me off because it is anti-competitive, since only windows processes can be whitelisted. now, it's clear that it represents a very serious security threat. these videos have been online for about 3 weeks now, i'm surprised i've not heard about this.
am i overreacting? is this not as bad as it seems?
since viruses have to make it on the computer in the first place to do damage wouldn't a program like that have to make it on the computer to deal the deathblow..?
seems like it's nothing a good virus scan and smart computing can't take care of
True, but a lot of people don't run AVs and the UAC will provide some protection against DBD's. And having both is better than just one, AVs can miss things, especially when new kinds/types of malware are made and spread about all over the place every day. Zero Day threats that most AVs haven't had the chance to catch up with their malware definitions fast enough.