Comments on: Windows 7 RC UAC security vulnerability: Auto elevation

By: Michael Pietroforte

Michael Pietroforte — Sun, 24 May 2009 09:10:41 +0000

Jarred, I absolutely agree. UAC in Windows 7 is Microsoft’s reaction to the complaints. So perhaps we can’t blame Microsoft alone. I also belonged to those who complaint about UAC. However, I didn’t complain because I dislike the idea of separating users and admins. I just don’t like the way Microsoft tried to solve this problem. In Windows 7 Microsoft made things only worse. It is a quick-and-dirty solution.

Fowl, whitelists certainly reduce security. However, one always have to find a trade-off between convenience and security. Auto elevation obviously was a bad choice. We already compromise our systems at the moment when we create “whitelists of users” who are allowed to logon on. Every admin will agree about that. Whitelists under Linux (sudo) were never really a security problem. Microsoft only has to copy what others are doing already for years with success.

jon, Leo also speaks about DLL injection. However, he does not really inject a DLL. Perhaps “EXE injection” would be more appropriate. I am not sure if we shouldn’t talk about a bug here even though only standard APIs are involved.

By: jon

jon — Tue, 19 May 2009 07:44:40 +0000

(continued from above) The point being – that this mechanism DOESN’T depend on a bug in the target process, but instead uses a standard, documented system API.

By: jon

jon — Tue, 19 May 2009 07:43:46 +0000

The technique described is probably more accurately termed “DLL injection” (http://en.wikipedia.org/wiki/DLL_Injection) rather than “code injection”. Actually the distinction between the two is really negligible but many people consider “code injection” to specifically mean the exploiting of a bug in the target process, where as “DLL injection” refers to the use of standard, supported system mechanisms of running your own code in the context of another process.

By: Fowl

Fowl — Mon, 18 May 2009 22:53:20 +0000

There was a reason there wasn’t a whitelist in Vista, and it’s the same one as the built in one is 7 is a bad one.

Anytime you put something there, you completely compromise the system. Programs just need be designed properly.

I’m very dissapointed Microsoft completely ignored their own advice. Say waht you like about Vista’s UAC, but at least it worked!

At least they allow you to turn it back to the “useful” setting from the “pointless prompts that anyone can get around” mode that is now the default.

By: Jarred Fehr

Jarred Fehr — Mon, 18 May 2009 20:23:44 +0000

I agree with you here. For work and home, I will set all PCs to the highest UAC setting. So many people have complained and moaned about UAC that MS must feel it has no choice but to make it less noticable. However, I think that doing it this way in Win7 is completely undoing all the hard work and effort that went into Vista UAC. Maybe if more people (like you) point this out MS will do the right thing and restore UAC to a useful default configuration.