Sign in with
Sign up | Sign in
Your question
Closed

Russinovich (Technet) on Win 7 UAC

Tags:
Last response: in Windows 7
Share
a b $ Windows 7
June 11, 2009 8:56:21 AM

Based on my quick browse (sorry, a bit busy right now), they still haven't a crucial flaw in the UAC system: any program that can pass itself off as an admin will get full access, and may actually hijack the escalation dialog to pass itself off as legit to a less savvy user.
a b $ Windows 7
June 11, 2009 12:26:59 PM

r_manic said:
Based on my quick browse (sorry, a bit busy right now), they still haven't a crucial flaw in the UAC system: any program that can pass itself off as an admin will get full access, and may actually hijack the escalation dialog to pass itself off as legit to a less savvy user.




This has been covered time and again: That is NOT inherent in the operating system. It's a bootkit exploit that changes system files as they load into active memory on startup. This means the person hacking your computer has to be physically sitting there for the exploit to work, and that the vulnerability goes away when you no longer boot to said corrupted media.
!