Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tricking Vista's UAC To Hide Malware

Posted by kdawson on from the protective-coloration dept.

Vista's User Account Control, love it or hate it, represents a barrier against unwanted software getting run on users' computers. A Symantec researcher has found a simple way to spoof UAC and says that it shouldn't be completely trusted. The trick is to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself.

5 of 221 comments (clear)

  1. Importance? by MrNonchalant · · Score: 3, Funny

    "Would the user treat this UAC with the same amount of caution?" His answer: No. Users will, as Microsoft intended when it selected those colors, note the teal border of the spoofed UAC and likely click through without a second thought, he said.
    I've been using Vista for a month. There were color differences?
  2. Better listen up, guys... by Donniedarkness · · Score: 5, Funny

    Better listen up; this is coming from Symantec, the guys that brought us Norton Internet Security. These guys KNOW how to really mess computers up.

    --
    Earn a % of cash back from Newegg, Tiger Direct, Walmart.com, and more: http://www.mrrebates.com?refid=458505
  3. or, get it to look like spam by 192939495969798999 · · Score: 4, Funny

    Just get it to vibrate around like those horrible "you're the 99999th visitor!" pop-ups, and anyone would click whatever to get rid of it. Furthermore, you could change it to one of those "are you stupid?" pop-ups, that the "no" button moves around. There are a zillion ways to get someone to click the button you want.

    --
    stuff |
  4. Re:paraphrase by risk+one · · Score: 5, Funny

    Hooray for apathy!
    Meh... it's alright, I guess. I could take it or leave it.
  5. Re:paraphrase by SydBarrett · · Score: 3, Funny

    So, Vista is gonna prevent me from winning Ipods?

    Screw that, if i'm the 999,999th vistor I deserve a prize and I dont care what no washington computer fatcat wants to do with my internet windows.