Advertisement

Latest News

[ Windows | Linux | Apple ]

· Daily Reviews Summary 02/12/12
· Wine 1.4 Release Candidate 3
· Daily Reviews Summary 02/11/12
· How To Install Nixnote Using PPA On Ubuntu 11.10
· Five Ways Windows 8 Will Make Apps More Power-Friendly
· ReactOS, the Windows-compatible OS, sees major updates
· 5 Security Updates for Slackware Linux
· Windows 8 tablets to have Microsoft Office built in
· Daily Reviews Summary 02/10/12
· CompatDB Updates 02/10/12

Upcoming News

· Win a Logitech C270 HD Webcam @ t-break
· Win a Logitech h250 Stereo Headset @ t-break
· Interview with Alec Saunders, RIM's VP of Developer Relations @ t-break
· Hands-on with the PlayBook OS 2.0 Email and Social features @ t-break
· Lenovo ThinkPad Tablet Review @ t-break
· Unboxing the Amazon Kindle Touch @ ThinkComputers.org
· NewerTech NuPower Battery for all MacBook Pro 17" non-Unibody @ TestFreaks
· Trendnet TPL-307E2K Powerline Adapter kit @ Rbmods
· Wine release 1.4-rc3
· Laser or inkjet for the home office, that's the question @ t-break

Windows Compatibility

· Samsung Drive Diagnostic Utility (Hutil)
· Realtek High Definition Audio for 2K/XP/03
· Tweaking.com - Windows Repair
· Advanced SystemCare Free 5.1.0.196 Final
· Malwarebytes Anti-Malware
· Win7codecs 3.0 Beta 5
· Nokia Suite (formerly Nokia Ovi Suite)
· Cable Modem Diagnostic
· IObit Malware Fighter
· Mozilla Firefox 13.0a1 Aurora

New Forum Topics

· Itunes Won't Let Me Burn Cd's
by: danleff
on: 2012-02-12 11:20
1 replies, 133 views

· Bejeweled 2 Delux Problem
by: gomamma
on: 2012-02-10 19:53
0 replies, 135 views

· Directx
by: Rajoo
on: 2012-02-06 21:29
0 replies, 256 views

· Code: Bad EIP Value
by: megatouchguy
on: 2012-01-28 06:27
0 replies, 486 views

· XP Pro crashes on start up
by: javien
on: 2012-01-17 12:38
6 replies, 2163 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Windows XP
· Microsoft
· Updates
· Interviews
· Windows Server 2003
· General
· Windows Vista
· Webcasts
· Windows Server 2008
· Windows Home Server
· Windows 7
· Windows 8
· Windows Phone 7

What's New

Login to see an overview of all news stories since your last visit.

Affiliates

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Sacrificing security for usability: UAC security flaw in Windows 7 beta

Posted by Philipp Esselbach on: 02/01/2009 10:57 AM [ Print | 0 comment(s) ]

Long Zheng discovered a potential security flaw in Windows 7 beta

This is dedicated to every ignorant “tech journalist” who cried wolf about UAC in Windows Vista. A change to User Account Control (UAC) in Windows 7 (beta) to make it “less annoying” inadvertently clears the path for a simple but ingenius override that renders UAC disabled without user interaction. For the security conscious, a workaround is also provided at the end. First and foremost, I want to clear up two things.

First, I was originally going to blackmail Microsoft for a large ransom for the details of this flaw, but in these uncertain economic times, their ransom fund has probably been cut back so I’m just going to share this for free.

Secondly, the reason I’m blogging about this flaw is not because of its security implications - it is blatantly simple to fix - but Microsoft’s apparent ignorance towards the matter on their official Windows 7 beta feedback channel by noting the issue as “by design” and hinting it won’t be fixed in the retail version. A security-minded ‘whistleblower’ came forth to ask me if I could publicize this issue to maybe persuade them to change their mind. And that’s what I’m doing.

Sacrificing security for usability: UAC security flaw in Windows 7 beta

All products mentioned are registered trademarks or trademarks of their respective owners.
© 1998-2011 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition