Quantcast

Don't have an account? Register Now! Forgot password?

Related Articles
Maximum IT
SEE MORE MAXIMUM IT
News

Critcal Windows 7 Beta UAC Flaw

Posted 02/02/09 at 09:00:00 AM  by Josh Kampschmidt

comment Commentsprint Printemail EmailDeliciousDiggStumbleUponRedditFacebookSlashdot

It seems like just yesterday that Microsoft reluctantly introduced us to the world of User Account Control (UAC). Many disgruntled reviewers claimed that the UAC present in Windows Vista was too intrusive. It caused a lot of frustration when trying to install programs that needed administrator credentials. Apple even made a commercial that illustrated how people felt about the constant nagging of UAC in Windows Vista.

Fast forward to Windows 7 Beta 1, Microsoft now gives full control over the number of prompts you receive. The problem is any malware can defeat UAC by sending a few Visual Basic scripts to activate the slider and turn off UAC. Once UAC is off, the computer can be restarted and the malware can be launched with full administrator credentials and expose the computer to more malware and exploits.

This is not a typical security flaw since anyone can change the UAC level. Probably one of the major reasons for making Windows 7 insecure like this is because of the feedback received from Windows Vista. It would probably have been more secure if they required the person to type in their user account password. Linux for example requires people to enter in the root password before making system changes. 

If you want to see how this works, you can download a simple file and try it out for yourself. It does turn off UAC so make sure when you are done you turn UAC back on. If you are unsure how to turn UAC back on, follow Method 1 from this link, but instead slide it back up. 

 

COMMENTS:5
TAGS: windows, microsoft, Software, uac, Windows Vista, Operating Systems, windows 7
COMMENTS
avatarWindows 7 released now?

Submitted by Kaasiim on Wed, 02/04/2009 - 8:06am

No thanks, I can wait 'till it's ready.

Login or register to post comments
avatarno! don't release it now.

Submitted by jvc08 on Mon, 02/02/2009 - 9:17pm

it's not ready.

i hope they release it when it's ready.

and this thing about the uac, just turn it off, hackers can go around anything, it is completely useless.

Login or register to post comments
avatarheh, microsoft probably

Submitted by FrancesTheMute on Mon, 02/02/2009 - 2:07pm

heh, microsoft probably created the flaw on purpose in response to the "release it now" campaign to prove to people it's not ready yet.

Login or register to post comments
avatarrelease it now!

Submitted by MrNaPaLm32 on Mon, 02/02/2009 - 10:36am

release it now!

Login or register to post comments
avatarFunny

Submitted by Balgaroo on Sun, 02/01/2009 - 10:18pm

I find it funny that this is right above the article on the petition for Windows 7 to be released now because some twat thinks it's ready now. This is why beta testing is and these two post back to back is thevery definition of ironic.

 

I find it funny. 

Login or register to post comments

This Month's Issue
Maximum PC
SUBSCRIBE NOW
AND SAVE!
FEATURE How to Get FREE Programs, Services, Software & MoreFEATURE Digital Photo Printer RoundupHOW TOBuild a 3D CameraFEATUREDIY Arcade PCWHITE PAPERHow TRIM Works