Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Hole In Windows 7 UAC

Posted by kdawson on from the cancel-or-allow dept.

An anonymous reader writes "A prolific blogger is warning of a possible security hole in the latest beta version of Windows 7. Long Zheng has posted both a description and a proof of concept for an issue that could allow an attacker to skirt the User Account Control component in the new version of Windows. The problem, explains Zheng, is that UAC itself is controlled through system settings. This can allow an attacker to completely disable the protections without user notification. Zheng notes that the issue can be easily fixed by changing the UAC setting to notify users when Windows settings are altered, and that Microsoft could remedy the problem by prompting the user when the UAC setting is altered."

2 of 388 comments (clear)

  1. It IS a problem, because it is being rushed out! by ed · · Score: 1, Troll

    Microsoft feel happy wnough with Windows Vista SP2

    So much that they are not bothering with a second Beta

    So what you have in your hands now is pretty much how it may ship

    http://www.theregister.co.uk/2009/02/02/windows_7_no_second_beta/

  2. Re:Security hole in the White House... by Anonymous Coward · · Score: 0, Troll

    Really? I have no problem with a black man in the White House. I have a problem with him trying to distract us with petty bullshit like Rush Limbaugh while the people who propped him up during the election try to steal another $1.2 Trillion (after interest is factored in) from future Americans. The most appropriate term for that kind of distraction in the face of such malfeasance is "shuckin' and jivin.'" Nice smokescreen, but fuck you, you mindless shill. People like you keep re-electing the same fucktards for Congress year after year, not realizing that they have more control over the economy than the President does.