Microsoft Caves, Will Change UAC In Windows 7

CWmike writes "Reacting to intense criticism of an important security feature in Windows 7 (which we discussed a few days back), Microsoft today said it will change the behavior of User Account Control in Windows 7's release candidate. In a blog post, two Microsoft executives responsible for Windows development, John DeVaan and Steven Sinofsky, said 'We are going to deliver two changes to the Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. Second, changing the level of the UAC will also prompt for confirmation.' They said the changes were prompted by feedback from users, including comments on an earlier post Thursday by DeVaan in which he defended the modifications Microsoft made to UAC in Windows 7."

Intense?

[jamesl]

Intense criticism? Define "intense."

Isn't this how it's supposed to work? Release pre-production code to the community. Listen to comments. Respond to comments as appropriate.

Now define "over the top."

The entire concept is broken

[landimal_adurotune]

With the initial Vista UAC people were trained to just click yes to everything or they would turn off the function entirely. With Windows 7 it is far less frustrating but the User part of the UAC is what is broken, there is no substitution for actually educating users. That is something that is far out of MS's reach IMHO.

Caves?

[ukyoCE]

This is hardly "caving". Microsoft was alerted to a security issue, and they're fixing it. How did this get spun into an anti-microsoft story?

Did I miss some story where Microsoft said they absolutely refused to fix the problem, but now a few days later they're giving in and fixing it?

Re:Caves?

[Lostlander]

I agree, I hate Microsoft as much as the next Linux user but seriously agreeing to change something in a beta isn't caving it's feature adjustment. The tittle of the summary is just flamebait. Windows 7 seems to be a functional Microsoft operating system for a change and people are freaking out looking for something to hate about it.

Re:Caves?

[Hal_Porter]

A true slashdot user believes all these things

1) The flaw in XP was that everyone run as admin. Unix's system of running as a limited user and doing a privilege escalation via sudo each time you do something that requires admin rights.
2) The flaw in Vista was UAC, where you do a privilege escalation each time you do something that requires admin rights.
3) The first Windows 7 beta had a flaw where it was possible for malware to disable UAC programatically and thus bypass it.
4) Microsoft have 'caved' and changed UAC in the Windows 7 release candidate.

and he believes them simultaneously too.

Re:I had a little glimmer of hope

[Toreo+asesino]

When I read the headline...that they were going to implement proper user account permissions (a la UNIX) so UAC wouldn't be needed. Alas, I was disappointed.

By that you mean "put password in everytime you need to elevate?". UAC does that if you're not an admin. If you are, because you're not really an admin, it just confirms you want to...if the app is digitally signed; if not, it give you a big scary warning box you actually have to read.

Re:windows users are STILL more tolerant than ME

[v1]

but this is Windows, which has been so poorly engineered for so long that roughly 97% of applications expect to be run as Admin; and thanks to the delights of 'backwards compatibility'

ya, but wasn't that what Vista was all about? Causing 80% of the existing windows apps to spontaneously combust and force the developers once and for all to fix their crap? What happened to that? (guessing... public outcry from the users and lazy devs pointing at MS as the blame) I thought that was the reason that Windows7 was going to make an even more solid, committed attempt to force the developers to adopt good coding practice. MS can't just continue to roll over on this issue.