Is There an Even Bigger Security Hole in Windows 7's UAC?

5

Comments

+ Add a Comment
avatar

Taz0

Well this puts the matter to rest:

  • With this feedback and a lot more we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.

Full article: http://blogs.msdn.com/e7/archive/2009/02/05/uac-feedback-and-follow-up.aspx

avatar

Skiplives

So we shouldn't worry about how easy it si for a program to change the security settings because the maleware filter is "perfect"?  Oh yeah, I like that idea.

 [Edit: Because posting from a blackberry is not a good idea]

avatar

gibsurfer84

As long as this is fixed, and it hopefully will be, I have no bad vibe about it. The product is in beta for these reasons and to help secure and improve the product before its released. I hope we find more problems NOW rather than later, when people have paid for it.

avatar

Skiplives

Why should the levels be accessable to change by a program at all?

Your security level should be one of those things that is a very manual process.  After all most people only set it once and forget about it.

 [Edit: because posting from a blackberry on a train is not a good idea]

avatar

MrNaPaLm32

I find it puzzleing that they would think rundll can be completely trusted.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.