Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Source Code to Windows 7 UAC Injection Flaw Released
Posted by Philipp Esselbach on: 06/23/2009 05:06 PM [ Print | 0 comment(s) ]
OSNews reports that the source code to the UAC injection flaw in Windows 7 has been released
In a nutshell, since we've already discussed this a few times, the flaw works like this: a lot of people got all whiny over the UAC prompts in Windows Vista. As a result, Microsoft wanted to fix this in Windows 7. The logical, thorough, and proper method would've been to fix components of Windows so that they no longer require elevated privileges. Instead, Microsoft did an epic cop-out, reminiscent of the early days of Windows XP, and created a list of processes which possess auto-elevation capabilities. In other words, Microsoft allows its own processes to silently elevate in Windows 7 as to avoid having to actually fix their code.
As always, you can fix this by setting the UAC slider in Windows 7 to its topmost position. It's also important to note that this flaw does not work if you are running as a standard user - however, since the first user created is still an administrator, that point is moot.
As always, you can fix this by setting the UAC slider in Windows 7 to its topmost position. It's also important to note that this flaw does not work if you are running as a standard user - however, since the first user created is still an administrator, that point is moot.
Source Code to Windows 7 UAC Injection Flaw Released
Related Threads
03/14/2000 05:31 AM: SB Live resource conflict and greyed out Use auto settings b (0) by chris719
02/24/2000 10:18 AM: Weird Diamond Viper 550 resource clash (5) by Jerry -
12/08/1999 06:27 PM: Setting Resource Configs Manually (0) by ThC 129
02/24/2000 10:18 AM: Weird Diamond Viper 550 resource clash (5) by Jerry -
12/08/1999 06:27 PM: Setting Resource Configs Manually (0) by ThC 129