Security Hole In Windows 7 UAC
An anonymous reader writes "A prolific blogger is warning of a possible security hole in the latest beta version of Windows 7. Long Zheng has posted both a description and a proof of concept for an issue that could allow an attacker to skirt the User Account Control component in the new version of Windows. The problem, explains Zheng, is that UAC itself is controlled through system settings. This can allow an attacker to completely disable the protections without user notification. Zheng notes that the issue can be easily fixed by changing the UAC setting to notify users when Windows settings are altered, and that Microsoft could remedy the problem by prompting the user when the UAC setting is altered."
Everyone knows from recent news that microsoft has removed the innards of windows 7 and replaced them with "gerald", a lovable computer literate field mouse.
Gerald is cheap, congenial, and zippy, but unfortunately has very poor judgment.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
The beta worked perfectly!
Even the malware will be ready for Windows 7!
So, basically, what they did was build a big sturdy door (UAC) and put the treasure (system settings) behind it. Normally you need magic keys (certificates) to enter the door. Then, they built a button that unlocks the door from the outside. Wow!
==============
"It look like you're trying to alter the UAC settings, Cancel or Allow?"
*click*
"It looks like you've confirmed the change in UAC settings, Cancel or Allow?"
*click*
"The UAC settings have been altered, Cancel or Allow?"
*click**click**click**click**click*-----INPUT DEVICE FAILURE
all this talk of UAC makes me feel like playing some doom again.