Sport & Auto
- About Future
- Digital Future
- Cookies Policy
- Terms & Conditions
- Investor Relations
- Contact Future
It seems like just yesterday that Microsoft reluctantly introduced us to the world of User Account Control (UAC). Many disgruntled reviewers claimed that the UAC present in Windows Vista was too intrusive. It caused a lot of frustration when trying to install programs that needed administrator credentials. Apple even made a commercial that illustrated how people felt about the constant nagging of UAC in Windows Vista.
Fast forward to Windows 7 Beta 1, Microsoft now gives full control over the number of prompts you receive. The problem is any malware can defeat UAC by sending a few Visual Basic scripts to activate the slider and turn off UAC. Once UAC is off, the computer can be restarted and the malware can be launched with full administrator credentials and expose the computer to more malware and exploits.
This is not a typical security flaw since anyone can change the UAC level. Probably one of the major reasons for making Windows 7 insecure like this is because of the feedback received from Windows Vista. It would probably have been more secure if they required the person to type in their user account password. Linux for example requires people to enter in the root password before making system changes.
If you want to see how this works, you can download a simple file and try it out for yourself. It does turn off UAC so make sure when you are done you turn UAC back on. If you are unsure how to turn UAC back on, follow Method 1 from this link, but instead slide it back up.