January 30th, 2009

UAC security flaw in Windows 7 beta

Posted by Andrew Nusca @ 11:49 am

Categories: Microsoft, Windows

Tags: User Account Control, Security, Microsoft Windows 7, Microsoft Windows, Beta, Zheng, Achilles, Andrew Nusca

A change to the User Account Control (UAC) in Windows 7 to make it “less annoying” allows a simple override that renders UAC disabled without user interaction, reports Long Zheng at iStartedSomething.

Zheng describes the problem as follows:

By default, Windows 7’s UAC setting is set to “Notify me only when programs try to make changes to my computer” and “Don’t notify me when I make changes to Windows settings.” It distinguishes between a (third party) program and Windows settings with a security certificate. The applications/applets which manage Windows settings are signed with a special Microsoft Windows 7 certificate. As such, control panel items are signed with this certificate so they don’t prompt UAC if you change any system settings.

The Achilles’ heel of this system is that changing UAC is also considered a “change to Windows settings,” which, coupled with the new default UAC security level, would not prompt you if changed. Even to disable UAC entirely.

Zheng says he and a developer, Rafael Rivera, came up with a fully functional proof-of-concept in VBScript to emulate a few keyboard inputs without prompting UAC.

Zheng and Rivera’s script is available for download here, but users should be aware that it will disable UAC.

The implications are grave, Zheng says: “You could automate a restart after UAC has been changed, add a program to the user’s startup folder and because UAC is now off, run with full administrative privileges ready to wreak havoc.”

Zheng also says there’s a simple solution to the problem: force a UAC prompt in Secure Desktop mode whenever UAC is changed, regardless of its current state. It’s not foolproof, because users can still inadvertently click “yes,” but it reduces risk, he says.

Zheng also says users of Windows 7 beta can simply change the UAC policy to “Always Notify,” which will force Windows 7 to notify you even if UAC settings change.
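An added example, not from the post and not Zheng and Rivera’s proof of concept: a PowerShell audit of the registry values that back the UAC slider, reporting whether a machine sits at the “Always Notify” position recommended above and restoring it if not. The registry path and value names are the documented Windows UAC policy settings; the posture labels, and the assumption that a missing value means “off,” are mine.

```powershell
# Added example (not from the article). Audits and, if asked, restores the UAC
# "Always Notify" position. Value meanings follow Microsoft's UAC policy docs:
#   EnableLUA                  1 = UAC on, 0 = UAC off (what the PoC leaves behind)
#   ConsentPromptBehaviorAdmin 2 = prompt for every elevation, 5 = prompt for
#                              non-Windows binaries only (Windows 7 default), 0 = never
#   PromptOnSecureDesktop      1 = show the prompt on the Secure Desktop
$UacPolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacPosture {
    param([string]$Path = $UacPolicyKey)
    $p = Get-ItemProperty -Path $Path -ErrorAction Stop
    # Assumption: a missing value is read as 0 ("off"), the cautious interpretation.
    $enableLua = [int]$p.EnableLUA
    $consent   = [int]$p.ConsentPromptBehaviorAdmin
    $secure    = [int]$p.PromptOnSecureDesktop

    $posture = if ($enableLua -eq 0) { 'Disabled' }
        elseif ($consent -eq 2 -and $secure -eq 1) { 'AlwaysNotify' }        # recommended position
        elseif ($consent -eq 5 -and $secure -eq 1) { 'NotifyProgramsOnly' }  # Windows 7 beta default
        elseif ($consent -eq 5)                    { 'NotifyProgramsOnlyNoSecureDesktop' }
        elseif ($consent -eq 0)                    { 'NeverNotify' }
        else                                       { 'Other' }

    [pscustomobject]@{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $consent
        PromptOnSecureDesktop      = $secure
        Posture                    = $posture
        # Only "Always Notify" makes a change to the UAC setting itself prompt.
        ChangesToUacWouldPrompt    = ($posture -eq 'AlwaysNotify')
    }
}

function Set-UacAlwaysNotify {
    # Must run from an elevated shell; the EnableLUA change takes effect after a reboot.
    param([string]$Path = $UacPolicyKey)
    Set-ItemProperty -Path $Path -Name EnableLUA                  -Value 1 -Type DWord
    Set-ItemProperty -Path $Path -Name ConsentPromptBehaviorAdmin -Value 2 -Type DWord
    Set-ItemProperty -Path $Path -Name PromptOnSecureDesktop      -Value 1 -Type DWord
}

$state = Get-UacPosture
$state | Format-List
if (-not $state.ChangesToUacWouldPrompt) {
    Write-Warning "UAC posture is '$($state.Posture)': a change to UAC settings will not prompt. Run Set-UacAlwaysNotify from an elevated shell."
}
```

The same three values are worth watching from a detection standpoint: EnableLUA flipping to 0 or ConsentPromptBehaviorAdmin dropping to 0 outside a change-control window is the footprint of the scenario described above.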

Andrew J. Nusca is an associate editor for ZDNet and SmartPlanet.

Talkback (29 comments; most recent shown)

Say NO to UAC!

UAC is a pain in the butt! It's MY computer, and I'LL run the programs that I choose! UAC is just snake-oil for M$ to collect more money from software developers. See http://phrosty.phoenixlabs.org/pg2-rc1/...

Posted by: jave200372 on 02/03/09