
Windows 7 Testers Uncover Another UAC Flaw


Two Windows 7 testers claim they've found a second glitch in the Windows 7 beta's default security configuration that could let malware automatically elevate itself to full administrative privileges without triggering User Account Control prompts or even shutting down UAC at all.

Last week, Microsoft (NSDQ:MSFT) bloggers Long Zheng and Rafael Rivera published simple proof-of-concept code that automatically disables UAC in Windows 7 without any user interaction. On Wednesday, Zheng and Rivera published details on a second UAC flaw in the Windows 7 beta that stems from the OS being set up to automatically elevate Microsoft-signed applications and code in order to minimize UAC alerts.

The problem, according to Zheng, is that some of these trusted, Microsoft-signed applications are designed to execute third-party code for legitimate reasons, which allows attackers to create malware that exploits their trusted status.

"Unfortunately, this flaw is not just a single point of failure. The breadth of Windows executables is just too many and too diverse, and many are exploitable," Zheng wrote.

Microsoft denied that the first UAC flaw was actually a flaw, claiming that the only way UAC could be changed without the user's knowledge was if malicious code was already running on the box.

Microsoft is still investigating the second UAC flaw, said a spokesperson who declined to comment further. However, both Zheng and Rivera reported hearing rumors that the second UAC issue has been fixed in internal Windows 7 builds.

To illustrate the potential impact of the second UAC flaw, Rivera published a proof-of-concept that could let attackers use rundll32.exe -- one of the Microsoft-signed applications -- to execute malicious code on a PC with full administrative privileges.

Zheng recommended that Windows 7 beta users set their UAC settings to 'high' in order to minimize the danger for both flaws. However, that makes UAC in the Windows 7 beta behave in the same overly chatty fashion it did in Vista, which once again highlights the difficulty of balancing security and usability concerns.
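To see which of these states a machine is actually in, the following PowerShell audit (an added example, not code from the article or from Zheng and Rivera) reads the documented UAC policy values and maps them to the slider levels discussed above; the verdict strings are this script's own, and the remediation function applies the 'high' setting Zheng recommended.

```powershell
# Added example (not from the article). Registry path and value names are the
# documented Windows UAC policy settings; the verdict wording is this script's own.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacPosture {
    $p = Get-ItemProperty -Path $UacKey
    $enableLua     = $p.EnableLUA
    $adminBehavior = $p.ConsentPromptBehaviorAdmin
    $secureDesktop = $p.PromptOnSecureDesktop

    # ConsentPromptBehaviorAdmin (documented meanings):
    #  0   = elevate silently, no prompt
    #  1/3 = prompt for credentials (secure desktop / normal desktop)
    #  2/4 = prompt for consent    (secure desktop / normal desktop)
    #  5   = prompt for consent only for non-Windows binaries; Windows-signed
    #        binaries auto-elevate. This is the default level the article describes.
    $verdict =
        if ($enableLua -ne 1)        { 'UAC disabled' }
        elseif ($adminBehavior -eq 0) { 'UAC elevates silently' }
        elseif ($adminBehavior -eq 5) { 'Default level: Microsoft-signed binaries auto-elevate' }
        elseif ($adminBehavior -eq 2 -and $secureDesktop -eq 1) { "'Always notify' (high)" }
        else                          { 'Custom prompt level' }

    [pscustomobject]@{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $adminBehavior
        PromptOnSecureDesktop      = $secureDesktop
        Verdict                    = $verdict
    }
}

# Apply the 'high' (Always notify) setting. Needs an elevated shell; a change
# to EnableLUA only takes full effect after a reboot.
function Set-UacAlwaysNotify {
    Set-ItemProperty -Path $UacKey -Name EnableLUA                  -Value 1 -Type DWord
    Set-ItemProperty -Path $UacKey -Name ConsentPromptBehaviorAdmin -Value 2 -Type DWord
    Set-ItemProperty -Path $UacKey -Name PromptOnSecureDesktop      -Value 1 -Type DWord
}

Get-UacPosture | Format-List
```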

While Windows 7 is expected to hew to the same high security standards as Vista, security experts are watching Microsoft's response to the UAC issues closely, and some are beginning to take issue with how the software giant is responding to the UAC reports.

