Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vista Hacking Challenge Answered

Posted by ryuzaki0 on from the still-some-work-to-be-done dept.

debiansid writes "Microsoft's most secure Operating System yet has been compromised at the Black Hat hacker conference. We all know that Andrew Cushman, Microsoft's director of security outreach invited the Black Hats over to touch and feel Vista in order to showcase the superiority of this OS. Joanna Rutkowska, from Coseinc, a Singapore-based security firm, obliged and showed how it is possible to bypass security measures in Vista that prevents unsigned code from running with the help of a little software she calls the 'Blue Pill.'" To be fair, the hack was possible only when the target is in administrator mode rather than a limited user account.

3 of 388 comments (clear)

  1. Re:Would they tell anyway? by ChronoReverse · · Score: 5, Informative

    Except it's already been patched.

    http://www.eweek.com/article2/0,1759,1999241,00.as p?kc=EWRSS03119TX1K0000594

  2. Re:MS Support calls by SEMW · · Score: 5, Informative

    By default, the true administrator account is hidden and disabled by default. Most people won't even know it's there, and you have to go through a rigmarole to enable it if you really want it (these a how-to guide at http://www.computerworld.com/action/article.do?com [computerworld.com] mand=viewArticleBasic&articleId=9001970). The "administrator" account that Vista creates by default is actually a standard user that can temporarily elevate to admin privelages on a task-by-task basis. It pops up a dialogue box like http://www.winsupersite.com/images/showcase/winvis ta_ff_uac_13.jpg, letting you press a big button that says 'allow' if you know it's something you initiated (e.g. you're trying to install something). You don't need to logout and relogin.

    --
    What's purple and commutes? An Abelian grape.
  3. Re:MS Support calls by ChronoReverse · · Score: 5, Informative

    This is the way it works:

    You can either be a limited user or an "administrator". By default in the current beta you're an "administrator".

    What this means is that everytime an action is undertaken that actually requires administrative rights, Vista will pop up a dialogue (a la security warnings in Internet Explorer) and make sure you really wanted to do that. If you think this would be annoying (and would just train users to click yes) let me tell you that it was actually worse in Beta1.

    There it popped up ALL the time and even if a background task does something that requires it, the entire system would stop and pop up the dialogue. At least now it'll just block and wait for you to notice the new task button and deal with it.

    If you're on a limited account, you'll have to run whatever it was you were trying to run with the context menu "Run as admin" item. Then you'll have to type the admin password. Then when the program does something that actually requires the rights, it may or may not pop up the UAC dialogue.


    At least MS is putting hoops for us to jump through.