On CBS MoneyWatch: 5 Things You Should Buy at Walmart
BNET Business Network:
BNET
TechRepublic
ZDNet

November 5th, 2009

Windows 7's default UAC bypassed by 8 out of 10 malware samples

Posted by Dancho Danchev @ 1:33 pm

Categories: Anti Virus, Botnets, Browsers, Hackers, Malware, Microsoft, Rootkits, Spyware and Adware, Viruses and Worms

Tags: User Account Control, Security, Malware, Microsoft Windows 7, Microsoft Windows, Operating Systems, Software, Dancho Danchev

A recently conducted test by malware researchers reveals that eight out of ten malware samples used in the test, successfully bypassed Windows 7’s default UAC (user access control) settings. The findings were also confirmed by a separate test done by another company, with an emphasis on how one of the most popular scareware variants bypassed Windows 7’s default UAC’s settings as well.

More info:

On October 22nd, we settled in at SophosLabs and loaded a full release copy of Windows 7 on a clean machine. We configured it to follow the system defaults for User Account Control (UAC) and did not load any anti-virus software.

We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up. Unfortunately, despite Microsoft’s claims, Windows 7 disappointed just like earlier versions of Windows. The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7.

The findings are in fact not surprising, since the main problem with Windows 7’s UAC lies in the over-expectation of the average end user. Just like free antivirus software relying entirely on signatures based scanning only, the over-expectation of Windows 7’s UAC may in fact fool a large number of users that third-party security software is not a necessity.

Just like end users, enterprises already migrating to Windows 7 face the same security issues. Eric Voskuil, CTO, BeyondTrust — the company that issued a report earlier this year, claiming that 92% of critical Microsoft vulnerabilities are mitigated by Least Privilege accounts –  believes that the required administrator privileges for using the feature may in fact pose new security challenges:

In response to feedback that users were forced to respond to too many prompts in Windows Vista, the new operating system introduces a new approach to User Account Control (UAC), providing a four-position “slider” feature to control how often UAC pop-ups occur. While these changes to Windows 7’s UAC benefit the home user market, enterprises must recognize that the new slider feature can only be applied to users logged in as administrators and may increase security risks.

Further, Windows 7 introduces no new features to solve the application compatibility issues experienced by standard users in previous versions of the operating system. “The most secure configuration option for enterprises that deploy Windows 7 remains running end-users as standard users, with administrator rights removed,” said Eric Voskuil, CTO, BeyondTrust.

What do you think about Windows 7’s user access control slider? Is it a step in the right direction, or does it have the potential to provide a lot of users with a false feeling of security, making them believe that a stand-alone HIPS (host based intrusion prevention/behavior blocking) solution isn’t necessary?

TalkBack.

Dancho DanchevDancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.

Email Dancho Danchev

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 413 Talkback(s)
@914four
Only because they used the preexisting technology
from desktops and laptops.

That is hardly "evolving quickly" but rather
copying.... (Read the rest)
Posted by: AzuMao Posted on: 11/25/09 You are currently: a Guest | | Terms of Use
Who can I trust *now*....  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/05/09
@CounterEthicsCommissioner  Axsimulate | 11/05/09
Yeah, I feel sad for mom & pop.  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/05/09
I certainly feel sad for your mom and pop.  Sleeper Service | 11/05/09
Wow that's one seriously sparse post.  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/05/09
simple first  Quebec-french | 11/06/09
Addendum:  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/06/09
I feel sad for your mom & pop, too  quasilou | 11/09/09
Re: I feel sad for your mom & pop, too  pgripley@... | 11/09/09
Yes & No  quasilou | 11/09/09
Well put  msharma117@... | 11/09/09
Of course...  TristanGrimaux | 11/09/09
Windows 7 UAC malware problem  rgeiken@... | 11/09/09
Amen, Quasilou!  the_fish_69@... | 11/10/09
cars are good analogy  stremin | 11/23/09
You can't use windows?  notsofast | 11/09/09
RE: I feel sad for your...  MythicalMe | 11/09/09
If we accept your premise  tnboren@... | 11/11/09
As an automotive historian  ICUR12 | 11/13/09
Re: Re: I feel sad for your mom & pop, too  ICUR12 | 11/13/09
Not that it adds anything but...  914four | 11/19/09
Re: 914four  AzuMao | 11/19/09
@AzuMao  914four | 11/24/09
@914four  AzuMao | 11/25/09
No choice...  DB_z | 11/09/09
@DB_z: You don't understand "choice"  quasilou | 11/09/09
Choice  Jkirk3279 | 11/09/09
Excellent reply  Richard Turpin | 11/09/09
@JKirk I Agree  914four | 11/19/09
Agree to a degree  stremin | 11/23/09
@DB_z: And I didn't even bother...  quasilou | 11/09/09
Choice?  DB_z | 11/09/09
@DB_z: How do you reconcile this with...  ye | 11/09/09
That standard doesn't apply to any other industry  martyh@... | 11/09/09
RE: feel sad for your mom & pop, too  joe6pack_z | 11/09/09
people are either too lazy or too apathetic  stillgolfing | 11/09/09
What are you talking about?  Me_too | 11/09/09
re:@CounterEthicsCommissioner  Tsingi | 11/06/09
Hmm. What to say.  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/06/09
@Tsigni  Axsimulate | 11/07/09
I love this  JABBER_WOLF | 11/09/09
Love What??  kavallerie07@... | 11/09/09
I've been telling you all for the past few months..  AzuMao | 11/06/09
Let them play with fire.  fr0thy2 | 11/06/09
I believed you...  JCitizen | 11/09/09
In the wild?  quasilou | 11/09/09
I couldn't agree more  jmgroft@... | 11/09/09
Calm down.  AzuMao | 11/09/09
@AzuMao: Nice try  quasilou | 11/09/09
Okay...  AzuMao | 11/09/09
Good point!  rahbm | 11/10/09
More secure? It may be.  fr0thy2 | 11/06/09
Trust your brain if there is one  JABBER_WOLF | 11/09/09
May be you don't have so many customers as MS  TristanGrimaux | 11/09/09
here, here  stremin | 11/23/09
You ain't seen nothin' yet...  The Mentalist | 11/05/09
If you are talikg about your FUD and BS  GuidingLight | 11/05/09
@ Guiding-Light - your debating skills need honing  TonyOz | 11/05/09
Consider who he's replying to.  Sleeper Service | 11/05/09
The best response is  oncall | 11/05/09
@ oncall....absolutely..  TonyOz | 11/05/09
You're hoping for too much, Tony. happy  nix_hed | 11/09/09
Totally agree  rahbm | 11/10/09
And do you know what's the troubling part?  The Mentalist | 11/06/09
Wow, thanks!  quasilou | 11/09/09
I'm just wondering, with that XP mode dohickey...  nix_hed | 11/09/09
Obvious, yet not to some...  ITsupportGuy | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  iamrta | 11/05/09
LOL  fr0thy2 | 11/06/09
Ya  AzuMao | 11/06/09
The only "happy" in Windows 7  nix_hed | 11/09/09
Performance improvements..  AzuMao | 11/09/09
Y/N  dw.needham@... | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  Agnostic_OS | 11/05/09
Or that MS is a marketing company.  fr0thy2 | 11/06/09
What does it matter?  GuidingLight | 11/05/09
"What does it matter?"  fr0thy2 | 11/06/09
Masochistic skills  theo_durcan | 11/06/09
Nah  AzuMao | 11/07/09
I'd add  Khyron | 11/09/09
Well Said  martyh@... | 11/09/09
What?  rahbm | 11/10/09
A bad day for MS on ZDNet  Richard Flude | 11/05/09
When MS control blogs  fr0thy2 | 11/06/09
So all this proves was..  eqpc | 11/05/09
Shh...  Sleeper Service | 11/05/09
Shh ....  fr0thy2 | 11/06/09
@eqpc..incorrect  TonyOz | 11/05/09
What are you on about?  eqpc | 11/05/09
@ eqpc.....again, not so  TonyOz | 11/05/09
Do you actually understand what you are writing?  eqpc | 11/05/09
There is some truth in what TonyOz is saying  Earthling2 | 11/05/09
I agree with what you say but..  eqpc | 11/05/09
Your reply is intelligent  mechBgon | 11/05/09
That was also when  LiquidLearner | 11/06/09
Finally, some actual discussion...  JCitizen | 11/09/09
Not correct  Earthling2 | 11/05/09
That's what the AV vendors WANT you to think  NonZealot | 11/05/09
TonyOz: please point out what Linux or OS X would have stopped  NonZealot | 11/05/09
@NonZealot  TonyOz | 11/05/09
You don't understand registry  NonZealot | 11/05/09
@ NonZealot and registry files  TonyOz | 11/05/09
Then don't speak of things you know nothing about.  ye | 11/05/09
@ ye......have you ever heard of cyberbullying ?  TonyOz | 11/05/09
@TonyOz: You're clueless about the subject.  ye | 11/05/09
@ye.....again, rudeness and discourtesy  TonyOz | 11/05/09
@TonyOz: Again:You're clueless about the subject.  ye | 11/05/09
@TonyOz - security in Windows  Earthling2 | 11/05/09
@Earthling2: Very good explanation.  ye | 11/06/09
Re: Security in Windows  fr0thy2 | 11/06/09
Adding to frothy's comment...  zkiwi | 11/06/09
Try again  Earthling2 | 11/06/09
No, you try again  Wintel BSOD | 11/07/09
Here we go  Earthling2 | 11/07/09
Of course you can't  Wintel BSOD | 11/07/09
Excellent  Earthling2 | 11/07/09
No, it was exactly...  Wintel BSOD | 11/08/09
Thank you  Earthling2 | 11/08/09
Thank you for what? You being disingenuous?  Wintel BSOD | 11/09/09
Registry ignorance  honeymonster | 11/09/09
re: registry in Windows is a system file  Me_too | 11/09/09
Re; Which of the above 3 items would Linux's  hkommedal | 11/06/09
One of the most clueless posts I've read in a while.  ye | 11/05/09
Read up on NT? Why in this day and age?  fr0thy2 | 11/06/09
Indeed it is clueless  honeymonster | 11/09/09
Talk about clueless  Wintel BSOD | 11/10/09
They couldnt have done that much  jdbukis@... | 11/05/09
People are missing the most obvious advantage UNIX(-like) OSes have  Michael Kelly | 11/06/09
Windows is similar.  eqpc | 11/06/09
Except that they obviously are running  Michael Kelly | 11/06/09
Of course they're not running with escalation.  ye | 11/06/09
Well then  Michael Kelly | 11/06/09
What's going "wrong" is the user is ignoring every warning...  ye | 11/06/09
@ye  Axsimulate | 11/06/09
@Axis: So you're saying that *NIX also identifies exe's using metadata  de-void | 11/06/09
@de-void  Axsimulate | 11/06/09
Unix Windows not so different.  bklooste | 11/09/09
You dont need escalation to run code!  eqpc | 11/06/09
Except that that prompt  Michael Kelly | 11/06/09
No, it's not.  ye | 11/06/09
We dont know if the prompt is failing as they dont mention that but..  eqpc | 11/06/09
@ye  Michael Kelly | 11/06/09
@Michael Kelly: Irrelevant  ye | 11/06/09
@ye  Michael Kelly | 11/06/09
@Michael: Gutmann is proof that you are wrong  NonZealot | 11/06/09
@Michael Kelly: I am making a distinction because...  ye | 11/06/09
@NZ  Michael Kelly | 11/06/09
You could...  WarhavenSC | 11/06/09
@WarhavenSC: I'd be happy to.  ye | 11/06/09
Got to agree with one of your points, Zealot  Ole Man | 11/06/09
Not quite right  quasilou | 11/09/09
Sure you can.  ye | 11/06/09
Good point  Michael Kelly | 11/06/09
I disagree  zmud | 11/06/09
I said that myself  Michael Kelly | 11/06/09
They require escalation because they perform system level changes.  ye | 11/06/09
Almost identical, but not quite  Michael Kelly | 11/06/09
Yes, it can.  ye | 11/06/09
@ye... we already know that  Michael Kelly | 11/06/09
@Michael Kelly: You don't know this.  ye | 11/06/09
To be fair...  quasilou | 11/09/09
@quasilou: We do have some information about the malware.  ye | 11/09/09
So if I switch off...  Sleeper Service | 11/05/09
You don't care about computing enough to learn them.  fr0thy2 | 11/06/09
One of the saddest things was what bloggers said earlier..  TonyOz | 11/05/09
@TonyOz  Axsimulate | 11/05/09
What's really sad, Axis...  Sleeper Service | 11/05/09
@Sleeper Service  Axsimulate | 11/06/09
Actually what's really sad...  Sleeper Service | 11/06/09
@Sleeper Service  Axsimulate | 11/06/09
Talk about arrogant snobs  GuidingLight | 11/06/09
@GuidingLight  Axsimulate | 11/06/09
Where the blame goes.  joe.smetona@... | 11/10/09
Incorrect assumption, irrelevant proof  Earthling2 | 11/05/09
What is your Linux experience?  joe.smetona@... | 11/09/09
I agree.  joe.smetona@... | 11/09/09
It would've been very, very helpful...  Earthling2 | 11/05/09
@ Earthling2...agreed, but this is where Microsoft is at fault  TonyOz | 11/05/09
Completely agree, but...  Earthling2 | 11/05/09
No machine was infected in either example  NonZealot | 11/05/09
UAC is Misunderstood by Everyone, Including Microsoft  mikefarinha | 11/05/09
Good points.  jamesrayg | 11/06/09
UAC: Designed to annoy users  toadlife | 11/06/09
According to one Microsoft executive.........  Ole Man | 11/06/09
What?!? I don't annoy anybody!  Wintel BSOD | 11/07/09
UAC wasn't designed to annoy USERS  Lerianis10 | 11/07/09
UAC: Annoyance and failings  PeterBoyles | 11/09/09
They weren't new.  ye | 11/09/09
Wow!  rahbm | 11/10/09
The only apps that SHOULD need Admin access  Lerianis10 | 11/07/09
@Lerianis10: What are you talking about?  quasilou | 11/09/09
Move to a Linux distro or Mac  use_linux | 11/05/09
You do know that saying it doesn't make it real?  tonymcs@... | 11/05/09
Compile source code - and solve problems  Ole Man | 11/06/09
Your post title alone...  quasilou | 11/09/09
Please take your own medicine  rahbm | 11/10/09
An interesting minor detail  Earthling2 | 11/05/09
No.  James T. Kirk | 11/05/09
amen brother!  Richie086 | 11/05/09
And which all recently had to be patched due to a number of vulns  de-void | 11/06/09
RTFA  n0neXn0ne | 11/07/09
And???  de-void | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  Loverock Davidson | 11/05/09
It bypassed 7 and infected 7.  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/05/09
it's really not your issue being so stupid  ljenux-23043766007667558234416105604265 | 11/06/09
When  Viva la crank dodo | 11/06/09
You do a disservice by posting advertisements in the form of blogs  NonZealot | 11/05/09
Thankyou...  eqpc | 11/05/09
Double Standards  Metronome49 | 11/06/09
You keep bringing up Linux...  bjbrock | 11/05/09
I didn't bring up Linux or OS X  NonZealot | 11/05/09
Percentage wise...  bjbrock | 11/06/09
Windows is the MOST uninfected OS ever  NonZealot | 11/06/09
That is a good point  bobiroc | 11/06/09
Bob  Viva la crank dodo | 11/06/09
@Viva  bobiroc | 11/06/09
I appreciate what you are saying  Viva la crank dodo | 11/06/09
That's kind of idiotic, bob  Wintel BSOD | 11/07/09
Bogus point made from their marketshare  Metronome49 | 11/06/09
Well coming from you Nanny Pants  bobiroc | 11/09/09
@zealot, stop lying  Wintel BSOD | 11/07/09
Threatfire Blogger is clueless  ye | 11/05/09
Ha! What about Ed Bott, his whole blog is an Ad  Metronome49 | 11/06/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  whoflungdung | 11/05/09
What did you expect?  bendib | 11/05/09
wake up guys  soulxfer@... | 11/05/09
You don't have AV...  jamesrayg | 11/06/09
Windows is no Linux  bobiroc | 11/06/09
It's what users wanted =/  NStalnecker | 11/05/09
This doesn't appear to be related to the reduced security setting.  ye | 11/05/09
RE: Windows 7's default UAC bypassed by 8 out of 10 Malawi samples  CharlesEtheridge@... | 11/05/09
What UAC Really Is  JasonJD48 | 11/05/09
Nicely said  NStalnecker | 11/06/09
Agreed  Rude Union | 11/06/09
running a malware with limited privileges is NOT bypassing UAC!  directory | 11/06/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  argon0 | 11/06/09
What you're referring to is not UAC.  ye | 11/06/09
RE:What you're referring to....  argon0 | 11/06/09
UAC is a privilege escalation mechanism.  ye | 11/06/09
RE: UAC is a privilege....  argon0 | 11/06/09
It does not.  ye | 11/06/09
 argon0 | 11/06/09
@argon0: It is not UAC.  ye | 11/06/09
So much misunderstanding about the execute bit  NonZealot | 11/06/09
@NonZealot: The irony being...  ye | 11/06/09
ye and nz  argon0 | 11/06/09
@ye  Michael Kelly | 11/06/09
@argon0: You're welcome.  ye | 11/07/09
@Michael Kelly: He specifically mentioned scripts.  ye | 11/07/09
well told you so just quite doesnt make it  Quebec-french | 11/06/09
wow...those 2 are miracle actually  ljenux-23043766007667558234416105604265 | 11/06/09
that is not fair swiss cheese did nothing wrong to you  Quebec-french | 11/06/09
Dancho Danchev..  eqpc | 11/06/09
Rather than lying  markbn | 11/07/09
ZDNet Bloggers  Yeartenn | 11/06/09
Once Linux...  bjbrock | 11/06/09
COMMENT......  carlsf@... | 11/06/09
UAC is a 'focus box' to prompt the user  use_linux | 11/06/09
So much ignorance  sjaak327 | 11/06/09
Starting with 7 this is no longer the case.  AzuMao | 11/11/09
The Idiots won  wolf_z | 11/06/09
It's not what you think.  ye | 11/06/09
Agreed  wolf_z | 11/06/09
Agreed as well.  ye | 11/06/09
So then...  NStalnecker | 11/06/09
Correct.  eqpc | 11/06/09
With the little information we have it does not need admin rights.  ye | 11/06/09
Indeed  NStalnecker | 11/06/09
This "research"...  whoflungdung | 11/06/09
@whoflungdung: Clarification.  ye | 11/06/09
Best post here, thanks ye  NonZealot | 11/06/09
@whoflungdung - plenty of warnings  Earthling2 | 11/06/09
NZ...  argon0 | 11/06/09
Yet by making that argument  Michael Kelly | 11/06/09
It's likely there are warnings given the programs are trojans.  ye | 11/06/09
Which is why  Michael Kelly | 11/06/09
Most likely the latter.  ye | 11/06/09
I vote deception  bobiroc | 11/06/09
I prefer not to vote or guess  Michael Kelly | 11/06/09
@Michael  NonZealot | 11/06/09
@Michael Kelly: It's not a guess and I have very high confidence...  ye | 11/06/09
The sky is blue too. Everybody knows it.  HypnoToad72 | 11/06/09
I always wanted a green sky with purple polka-dots.  nix_hed | 11/09/09
Master Joe Says...  MasterJoe | 11/06/09
Things are going to be different this time - Trust me  Chad_z | 11/06/09
Would Vistas default UAC have prevented these?  Metronome49 | 11/06/09
No. This has nothing to do with UAC.  ye | 11/06/09
If I may steal your favorite retort...  Michael Kelly | 11/06/09
I wouldn't stake my life on it.  ye | 11/06/09
Actually no  Michael Kelly | 11/06/09
I am right. So you can rest easy. nt  ye | 11/06/09
Interesting that not just one...  jasonp@... | 11/09/09
Of course they came to the same conclusion.  ye | 11/09/09
There wouldn't be a market period...  jasonp@... | 11/09/09
@jasonp: No, you do not.  ye | 11/09/09
ROTFLMAO @ "that's a fact"  jasonp@... | 11/09/09
@ jasonp: It's worked perfectly fine for me for years.  ye | 11/09/09
So let's just ignore the millions...  jasonp@... | 11/10/09
Think about it for a minute..  eqpc | 11/06/09
That thought actually did cross my mind  Michael Kelly | 11/06/09
LOL!  eqpc | 11/06/09
Are you serious?  Michael Kelly | 11/06/09
@Michael  eqpc | 11/06/09
@Michael: Are you serious?  NonZealot | 11/06/09
@Michael Kelley. Just so you know.  Lunatic59 | 11/06/09
@NZ - If that's the case  Michael Kelly | 11/06/09
@Michael: I don't know but I can guess  NonZealot | 11/06/09
Spare us your patronizing, @Lunatic59  Wintel BSOD | 11/07/09
I've had malware bypass the UAC...  JCitizen | 11/10/09
So vauge, nothing of value can be obtained.  JoeMama_z | 11/06/09
@Axsimulate  jmoleary | 11/06/09
What will Windows do then?  argon0 | 11/06/09
Yes...it will...  lawryll@... | 11/06/09
And UNIX does essentially the same with its metadata  ye | 11/08/09
I think his concern is...  eqpc | 11/08/09
Right  AzuMao | 11/08/09
How is the OS supposed to determine...  ye | 11/08/09
Okay  AzuMao | 11/08/09
@AzuMao: Your wish is Microsoft's command.  ye | 11/08/09
If any program can disable the component that makes them need permission  AzuMao | 11/08/09
@AzuMao: What are you referring to?  ye | 11/09/09
"Have not been any known exploits"? Where have you been the past year?  AzuMao | 11/09/09
@AzuMao: I didn't see any exploits.  ye | 11/09/09
The exploit..  AzuMao | 11/09/09
@AzuMao: What you have provided is PoC not exploits.  ye | 11/09/09
When I said by default  AzuMao | 11/09/09
And UAC will have stopped those but...  eqpc | 11/08/09
Yup...  argon0 | 11/09/09
I fail to see the point of...  ye | 11/09/09
point....  argon0 | 11/09/09
Windows will attempt to run the file if...  ye | 11/09/09
@ye....  argon0 | 11/10/09
@jmoleary  Axsimulate | 11/08/09
UAC=Stupid, Slider UAC=Stupid, Jr.  nfordzdn | 11/06/09
They only ask you whether you wish to run a program multiple times  Lerianis10 | 11/07/09
Is that why Norton need kernel access?...  JCitizen | 11/10/09
unbelievable JUNK  pupkin_z | 11/06/09
I FEEL NAKED NOW. Let me explain.  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/06/09
Was that an XP under admin (root) acount?  Earthling2 | 11/06/09
Note to Earthling:  CounterEthicsCommissioner-23034636492738337469105860790963 | 11/06/09
I must be doing something wrong...  Earthling2 | 11/06/09
The main dangerous websites are porn websites  Lerianis10 | 11/09/09
Yes  AzuMao | 11/09/09
You have problems.  deowll | 11/07/09
Lessons Learned from Five Years of Building More Secure Software  Ole Man | 11/06/09
It is funny though  Earthling2 | 11/07/09
In daze of Windows past  Ole Man | 11/07/09
I am hoping  Earthling2 | 11/07/09
I'm witcha......  Ole Man | 11/08/09
Here's the problem  Earthling2 | 11/08/09
No problem! Technical issues are constant......  Ole Man | 11/12/09
Most of those 'design issues' you mention  Lerianis10 | 11/07/09
Pretty Much Useless  jpr75_z | 11/06/09
You should not disable it  Earthling2 | 11/06/09
Only because you don't know what it actually does..  sjaak327 | 11/07/09
The usual suspects are out...  zkiwi | 11/06/09
Same  NStalnecker | 11/06/09
Really?  zkiwi | 11/07/09
Microsoft says EVERY SINGLE DAY  Lerianis10 | 11/07/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  deowll | 11/07/09
Of course it's a fud article  otaddy | 11/07/09
For what stupid reason the linux fanboys think sudo is safer than UAC?  directory | 11/07/09
There is no slider for sudo  n0neXn0ne | 11/07/09
It begins...  IssacS | 11/07/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  prof123 | 11/07/09
Yep  wile_thang | 11/07/09
Slanted Article. Why not test with MSE running?  trance2tec | 11/08/09
If Microsoft were forcing everyone to use MSE...  jasonp@... | 11/09/09
Get real...  quasilou | 11/09/09
Because it's not part of Windows 7, most likely.  AzuMao | 11/09/09
Windows 7 was deemed 'less secure' than Vista...  Spikey_Mike | 11/09/09
Yes, Windows 7 was deemed 'less secure' BUT  Lerianis10 | 11/09/09
If you ran a program that was a trojan on OSX or Linux  Lerianis10 | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  metilley@... | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  quasilou | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  GTX11 | 11/09/09
Really? Anybody?  quasilou | 11/09/09
The story doesn't really tell us what they did.  mikefulton | 11/09/09
any one see the latest MAC commercial ?  lynne1462@... | 11/09/09
Would setting the UAC to MAX instead of Default make a difference?  Claud.Cutler@... | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  nappy_d | 11/09/09
This isn't a surprise  baileysc | 11/09/09
Naturally!  rahbm | 11/10/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  shinji257 | 11/09/09
Do you have any references for this?  ye | 11/09/09
Hey You!!!! STOP THAT *slap*  taiyurshu | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  PrestonSK | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  Papamambo | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  dw.needham@... | 11/09/09
This is why I use Malwarebytes  rupaa62 | 11/09/09
Cookies , html and javascript will always bypass UAC  bklooste | 11/09/09
How does windows install itself?  Mahegan | 11/09/09
No, the installation process doesn't utilize UAC.  ye | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  MoosieAZ | 11/09/09
Just wondering about filthy porno sites??  brettze | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  hwaynew | 11/09/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  Starliner | 11/09/09
I'm Sorry But I've gotta Say...  barefoot1976 | 11/09/09
RE: Lazy  Paul1402 | 11/10/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  ps2os2 | 11/10/09
Not to throw my 2cents in again, but...  Papamambo | 11/10/09
I can't condone using Windows based on it's record.  joe.smetona@... | 11/10/09
lol  AzuMao | 11/10/09
Were these run under x86 or x64 variants of Win 7 ?  pounder_arthur@... | 11/12/09
The Musk Ox gather at the water-hole for a drink  Ole Man | 11/12/09
The UAC bypass works on 32-bit and 64-bit versions.  AzuMao | 11/13/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  wskige001 | 11/12/09
Send me two dozen of each  Ole Man | 11/12/09
Wtf  AzuMao | 11/13/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  wgrimes | 11/15/09
RE: Windows 7's default UAC bypassed by 8 out of 10 malware samples  cocococo013 | 11/16/09
hmm copyight???  dannydaman9@... | 11/19/09
They could  AzuMao | 11/19/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here