Windows 7 UAC has a second flaw

pooch

pooch

MIA
Guru
VIP
Local time
7:11 AM
Messages
1,518
Location
Appelhülsen Germany
Long Zheng of I Started Something has uncovered a flaw in Windows 7's UAC that means malware can elevate itself to administrator privileges. This news comes after a previously discovered flaw in Windows 7's new tiered UAC system that meant malware can disable UAC silently.

More;Windows 7 UAC has a second flaw
 

My Computer

Computer Manufacturer/Model Number
Something I threw together
OS
Windows 7 Ultimate x64
CPU
Intel Core i7-2600K
Motherboard
Asus P8P67
Memory
16 GB G Skill F3-10666 CL9D-4GBRL
Graphics Card(s)
ATI Radeon HD 6870
Sound Card
ATI Radeon HDMI / Realtek ALC892
Monitor(s) Displays
2 x 22" standard monitors / LG32LC56v TV to watch films
Screen Resolution
1920 x1080
Hard Drives
2 x OCZ Vertex2 111.79GB
3 x Samsung103SJ
1 x Samsung103UJ
1 x WD3200BEVT
1 x Hitachi5K320-160
PSU
Thermaltake Toughpower Cable Management 750W
Case
Antec 300
Cooling
Noctua NH-U12P SE2 and 5 120mm Case fans
Keyboard
Microsoft Comfort Curve Keyboard 2000
Mouse
Hama M3110 / Logitech M305
Internet Speed
16000
Other Info
I have also used Fedora, Suse, Ubuntu Linux
And all other Windows from 95 to date except ME
Good article. Thanks pooch.

I already have UAC set to always notify. More clicks, but that's the price of security at this point. If I'm going to be playing and getting lots of prompts, I close my net connection and turn it down. Not having to reboot is a plus.

Gary
 

My Computer

Computer Manufacturer/Model Number
Dell XPS420
OS
Vista Ult 64 bit Seven Ult RTM x64
CPU
Intel Core2 Quad Q6600 2.40 gigahertz
Memory
Crucial Ballistix 4x2GB PC2 6400
Graphics Card(s)
NVIDIA GeForce 8600 GTS 256 MB
Sound Card
Creative SB X-Fi audio
Monitor(s) Displays
HP w2207 + HPvs15
Screen Resolution
1680x1050 + 1024x768
Hard Drives
2-WD5000AAKS-500 GB
WD5000AAV-500 GB external
Keyboard
Microsoft Comfort Curve
Mouse
MX Revolution
Other Info
Wacom Intuos 2 Graphics Tablet
Experience Index=5.5
Thanks Pooch

If you parked your car in a known dubious area and then left the doors unlocked so it would be easier to get in when you returned, no one would be surprised if the car was not there when you returned.

Why then is there all this worry over UAC when it has been purposely set to a less safe status.

Any security is only effective when it is switched on, If a user decides to lower security then that is their right but there is a price to pay for this decision.

Saying this I would prefer to see the OOB defaults for the UAC set to FULL, As in Vista, as this would better protect a lot of users who to be honest when using Vista just got on with it and accepted the prompts as part of the system.
 

My Computers

System One System Two

  • Computer type
    PC/Desktop
    Computer Manufacturer/Model Number
    ChillBlast - Custom to my design
    OS
    Windows 11 Pro x64 [Latest Release and Release Preview]
    CPU
    Ryzen 9 5950X, 3.8 - 5.2 MHz
    Motherboard
    Asus Prime X570-Pro
    Memory
    64GB [2 x 32GB] DDR4 3200MHz
    Graphics Card(s)
    4GB NVIDIA GEFORCE GTX 1650 Ti
    Sound Card
    On-board SPDIF to 5.1 System + HDMI [5.1 system]
    Monitor(s) Displays
    32" UHD 32 Bit HDR Monitor + 43" UHD 4K 32Bit HDR TV
    Screen Resolution
    2 x 3840 x 2160 @60Hz
    Hard Drives
    1TB M2 SSD OS, 500GB Fast Access SSD, 2 x 8TB Data + Various Externals from 1TB to 4TB, 10TB NAS
    PSU
    NZXT C750 80 PLUS Gold 750W Modular PSU
    Case
    Workstation Case [Matt Black]
    Cooling
    NZXT Kraken X63 280mm CPU Cooler +2x Quiet Case fans
    Keyboard
    Logitech Wireless MX Keys & K400 + others
    Mouse
    Logitech Wireless MX Master 3S
    Internet Speed
    920 MB Down 50 MB Up
    Antivirus
    BitDefender Total Security Pro
    Browser
    Chrome (always run latest Non-Beta)
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    Samsung 10.2" tablet
    Blackview TAB 8 4G Android Tablet c/w Keyboard
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control
  • Computer type
    Laptop
    System Manufacturer/Model Number
    Dell XPS 17 10750H
    OS
    Windows 11 Pro x64 Latest RP
    CPU
    Intel I7 10750H 5.0GHz
    Motherboard
    Dell XPS
    Memory
    32GB [2x16GB] DDR4 2933 MHz
    Graphics Card(s)
    nVidia GTX1650Ti 4 GB GDDR6
    Sound Card
    Stock [Realtek] 4 Speaker
    Monitor(s) Displays
    17" IPS UHD+ Infinity Edge Touchscreen
    Screen Resolution
    3840 x 2400
    Hard Drives
    2TB M2 NVMe, 4TB External + various 500GB & 1TB External NVMe (also have access to spinner HDD from
    PSU
    Stock
    Case
    Stock XPS Aluminium & Carbon Fibre
    Cooling
    Stock - Active Fan Control
    Keyboard
    Backlit + Various Logitech
    Mouse
    Stock Track Pad + Logitech MX Trackball
    Internet Speed
    72 MB Down 18MB Up
    Browser
    Chrome
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    10.2" tablet
    Sony Z3 Android Smartphone
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control Pad
    10TB NAS
I agree with you there Nigel, I'm not one of the tech types who are always messing with system settings, trying out new stuff etc: so I have no problems with UAC, in fact I think it was a good move on Microsoft's part to make it part of the OS, after all it's just another layer of security to make our systems safe to use.

The baddies out there are getting more sophisticated in trying to infect our machines so having something built into the OS that tries to help keep them out has got to be a good thing, after all it's only a click that's needed to allow us to carry on when we've been alerted to the danger or otherwise of what we are about to do.

Whoops didn't know I'd waffled on so much sorry. :(
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Acer Aspire XC-704 x64 bit/ Asus K55A Notebook PC/HP Envy x360 Convertible 15-bq0xx
OS
Windows 10 64bit/Windows 10 64bit/Windows 10 64bit
CPU
Intel Pentium J3710 @ 60GHz/Intel B820,1.7GHz/AMD A9 Radeon
Motherboard
Acer Aspire XC-704 (SOCKET 0)/Asus/HP 8312 (Socket FP4)
Memory
8.00GB DDR3 @ 1599MHz/8GB 2 x 4GB DDR3/8.00GB Dual-Channel
Graphics Card(s)
Intel HD Graphics/Intel/512MB ATI AMD Radeon R5 Graphics (HP
Sound Card
Realtek High Definition Audio/Onboard/AMD High Definition Au
Monitor(s) Displays
Acer LCD K222HQL /Asus 15.6/Generic PnP Monitor (1920x1080@6
Screen Resolution
1920x1080@59Hz/1366 x 768/1920x1080@60Hz
Hard Drives
1863GBWesternn Digital WDC/Asus/119GB SanDisk SD8SN8U-128G-1006 (SSD)
931GB Hitachi HGST HTS721010A9E630 (SATA)
Keyboard
Microsoft Natural Ergonomic Keyboard 4000 (UK)/Inbuilt/Inbui
Mouse
Microsoft Optical Wheel Mouse/Same plus Touchpad/Same + Pad
Internet Speed
Infinity 2 up to 76 Mbps
Antivirus
MSE/MSE/MSE and all 3 have MalwareBytes Premium
Browser
Edge, Firefox/Edge, Firefox/Edge, Firefox, Chrome
Other Info
Seagate Expansion 500GB External Desktop Drive
Seagate Expansion Portable Drives 500GB and 1TB
Epson XP-332 Wireless Printer
You must log in or register to reply here.
Back
Top