Ahhh...
I always thought the age-old joke about Microsoft "Undocumented Features" was *just* a joke!
A security hole in Windows 7, highlighted by a blogger back in January, is still wide open and Microsoft is showing very little interest in closing it. Of course the software is only in beta right now, but the full release is due in August. An Aussie blogger spotted the problem with User Account Control back in January. John …
The issue described in January was a SendKeys vulnerability: that UAC wasn't prompting the user when UAC was disabled.
The current issue is different and relates to privilege escalation due to "pre-trusted" apps like explorer.exe allowing their memory to be altered by other unprivileged processes.
Also, Long didn't write the code, he just reposted it.
"But 21-year old Long Zheng created proof of concept code which can remotely switch UAC off without informing the user."
Long Zheng is a very good writer (his blog is far more accurate than some crappy IT websites), but he's not a software developer. The flaw has been discovered by Leo Davidson, and he's the one who released the proof of concept code.
Anyway, the good news is that IE users are protected against this flaw if malware tries to exploit an unpatched flaw in Internet Explorer, Flash, or Adobe Reader, since Internet Explorer and its plugins run in low integrity mode (aka Protected Mode).
However, Safari and Firefox users are at risk, since a flaw in their browser or in one of their plugins would allow malware to gain administrative privileges through this UAC flaw.
This UAC flaw resides ONLY in the default UAC setting. Setting the UAC at the highest level will make this flaw NON-EXPLOITABLE.
So, Microsoft could fix this flaw using the same UAC setting as Vista, but people don't like to see elevation prompts when they do administrative tasks (they wouldn't like Linux either ^^).... so Microsoft is listening to them and UAC is now useless (except for IE users who still benefit from the protected mode).
The flaw itself cannot be fixed because it would stop some programs from working.
"The flaw itself cannot be fixed because it would stop some programs from working."
Er, Microsoft frequently make OS changes which stop programs working. Why should this flaw not be one of them?
[Black helicopters, no explanation should be needed, all right?]
So it must be true. I mean sure there is a chance that if you use Firefox or Safari that you could be at risk, but nobody actually uses those browsers. Everyone on the planet uses Internet Explorer, so no worries. And certainly no one would set this control to low or off just to avoid being prompted for permission every time you touch your keyboard or click your mouse, would they? Microsoft is never wrong and their systems are rock solid. Just ask them. I will follow them down the garden path of upgrades from XP to Vista to 7 just like they told me I should because, after all, Microsoft knows what is best for me, and you too. Maybe I should look into a volume license, because after all I want to spread the joy to all the people I know. Every day at the appointed time of 4:20 pm I bow down toward Redmond and pray to my god Bill and all he represents. Forgive me for my doubts, my lord Bill, and please smite the evil penguin.
Microsoft calls this allowable?
Whew let me make up an internet script that will remotely connect to random IP addresses and send the command to turn off UAC all over the internet! YAY this will be so fun and legal since Microsoft wants it this way by design.
Microsoft really does love spooks!