Critcal Windows 7 Beta UAC Flaw
Posted 02/02/09 at 09:00:00 AM by Josh Kampschmidt
It seems like just yesterday that Microsoft reluctantly introduced us to the world of User Account Control (UAC). Many disgruntled reviewers claimed that the UAC present in Windows Vista was too intrusive. It caused a lot of frustration when trying to install programs that needed administrator credentials. Apple even made a commercial that illustrated how people felt about the constant nagging of UAC in Windows Vista.
Fast forward to Windows 7 Beta 1, Microsoft now gives full control over the number of prompts you receive. The problem is any malware can defeat UAC by sending a few Visual Basic scripts to activate the slider and turn off UAC. Once UAC is off, the computer can be restarted and the malware can be launched with full administrator credentials and expose the computer to more malware and exploits.
This is not a typical security flaw since anyone can change the UAC level. Probably one of the major reasons for making Windows 7 insecure like this is because of the feedback received from Windows Vista. It would probably have been more secure if they required the person to type in their user account password. Linux for example requires people to enter in the root password before making system changes.
If you want to see how this works, you can download a simple file and try it out for yourself. It does turn off UAC so make sure when you are done you turn UAC back on. If you are unsure how to turn UAC back on, follow Method 1 from this link, but instead slide it back up.

Windows 7 released now?
Submitted by Kaasiim on Wed, 02/04/2009 - 8:06am
No thanks, I can wait 'till it's ready.
no! don't release it now.
Submitted by jvc08 on Mon, 02/02/2009 - 9:17pm
it's not ready.
i hope they release it when it's ready.
and this thing about the uac, just turn it off, hackers can go around anything, it is completely useless.
heh, microsoft probably
Submitted by FrancesTheMute on Mon, 02/02/2009 - 2:07pm
heh, microsoft probably created the flaw on purpose in response to the "release it now" campaign to prove to people it's not ready yet.
release it now!
Submitted by MrNaPaLm32 on Mon, 02/02/2009 - 10:36am
release it now!
Funny
Submitted by Balgaroo on Sun, 02/01/2009 - 10:18pm
I find it funny that this is right above the article on the petition for Windows 7 to be released now because some twat thinks it's ready now. This is why beta testing is and these two post back to back is thevery definition of ironic.
I find it funny.
Feature
Review
Feature
Feature
Feature






