Slashdot Mirror


"Very Severe Hole" In Vista UAC Design

Cuts and bruises writes "Hacker Joanna Rutkowska has flagged a "very severe hole" in the design of Windows Vista's User Account Controls (UAC) feature. The issue is that Vista automatically assumes that all setup programs (application installers) should be run with administrator privileges — and gives the user no option to let them run without elevated privileges. This means that a freeware Tetris installer would be allowed to load kernel drivers. Microsoft's Mark Russinovich acknowledges the risk factor but says it was a 'design choice' to balance security with ease of use."

3 of 813 comments (clear)

  1. Re:An even bigger hole... by chrismgtis · · Score: 0, Flamebait

    It sounds to me that you're the one crying wolf. Quit whining. Vista doesn't do as much to annoy you as you just claimed. I have absolutely no issues whatsoever with Vista Ultimate at the current time. Then again, I am the one that ran XP with absolutely no virii, malware, performance issues or other problems whatsoever, unlike most people who can't seem to grasp how to use a computer correctly.

  2. Re:Swinging a Blunt Object by TooMuchToDo · · Score: 0, Flamebait

    How are lazy users Microsoft's problem?

  3. Re:It's not the software. by Joe+U · · Score: -1, Flamebait

    Microsoft embarrasses me as a computer professional

    Strange, I feel the same way about Linux and Mac zealots...

    Lets face some facts, Linux, will never win. Ever. Linux will never, ever, ever, ever, become the dominant OS in the PC market. Linux distros and users don't have what it takes. The average Linux expert here spends 50% of their time griping about Windows, 25% of their time outright bashing Microsoft and 25% of the time actually saying something (semi)intelligent. Unfortunately they usually spend 0% of their time helping new Linux users, so good luck there.

    Mac, you are going to implode under your own success. I see Apple with 40% of the market before a worm wipes out half the Macs on the Internet, mostly thanks to the Apple caviler attitude regarding security.

    Enjoy the holes you dug yourselves into.