digg

Facebook Connect Join Digg About
See the original image at arstechnica.com

Windows 7 UAC flaws and how to fix them

arstechnica.com A number of security flaws have been found in Windows 7's streamlined UAC—flaws that Windows Vista is immune to—prompting a series of surprising responses from Microsoft. We take a look at what the flaws are, and what's being done about them.

Who dugg this? Made popular Feb 9, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

151 Comments

show profanity settings
expand all
  • RandomRage, on 02/09/2009, -8/+51For all the crap it got in the beginning, UAC really isn't that bad. I hardly ever see UAC prompts on my Vista system anymore. Hope they un-break it for Windows 7 prior to release.
  • inactive, on 02/09/2009, -4/+38thats because moron programmers got the point and started coding programs that dont need to run as root.
  • bumcheekcity, on 02/09/2009, -16/+49Turn UAC off if you don't like it. Yay, I win, thread closed. Continue with your previously scheduled lives.
  • mynameistux, on 02/09/2009, -4/+29obligatory comment stating the quality of the linux security model.
  • fowl2, on 02/09/2009, -2/+22I've been waiting for a good, accurate assessment of this issue. I'm glad Ars is starting to go back to what made them special - proper journalism.
  • Sammi84, on 02/09/2009, -3/+23UAC was seriously the only thing that attracted me to Vista. Better security practices in Windows were loooong overdue.

    Too bad so many programmers took so long to update their apps to not require root access just for installing and running.
  • Sammi84, on 02/09/2009, -0/+19Sudo
  • skyh, on 02/09/2009, -2/+20That's not the point... the point is that Microsoft isn't properly structuring UAC so that it actually provides a legitimate level of security.
  • MacParrot, on 02/09/2009, -1/+17True, but as the example showed it was the design of UAC by Microsoft that allowed a potential exploit. If UAC is enabled, nothing short of demanding a password (maybe even twice) should disable it.
  • igyigyigy, on 02/09/2009, -3/+17people still ask questions like that in order to be dickish?
  • abbathdoom, on 02/09/2009, -5/+19Microsoft are so keen to fix everything people hated about Vista they are actually screwing up some of the positives Vista brought.
  • netneutrality, on 02/09/2009, -0/+13You didn't read the rest of the article. Point is that any system process in Windows 7 gets elevated automatically, and some system processes like rundll32 are designed for the express purpose of running arbitrary code.

    That's the more useful exploit; just put your code into a dllexport function and call it via rundll32. It's trivial to do. And that's the bit MS aren't fixing.
  • gllopc, on 02/09/2009, -0/+12It's OS X, not OXS.

    Unless of course you meant an Objective X-Ray Crystal Spectrometer.

  • MAGZine, on 02/09/2009, -2/+13And I'll be here just itching to download MIKROSOFT WINDOWZ OFFICE 2008 PRO PLATINUM + EXTRAS + KEYGEN [ALPHA88].torrent.
  • inactive, on 02/09/2009, -0/+11absolutely. Infact i ubered up the UAC with making people log in as a standard user and a password prompt is required to make changes when the uac pops up. sort of like the osx or sudo prompt of ubuntu.
  • mrno, on 02/09/2009, -0/+9Least we know security companies will do well in the recession.
  • alpha88, on 02/09/2009, -1/+9*goes to write a trojan for everyone using the beta*
  • Kamujin, on 02/09/2009, -3/+11OS X? Wasn't that the FIRST OS to fall in the pwn2own contest? Oh yeah, it was. Lasted 2 whole minutes.
  • jakem1, on 02/09/2009, -0/+7Agreed. I can only think that the main purpose, from Microsoft's point of view, is to provide a nag screen whenever an application does the wrong thing something that they hinted at last year. Seems like a poor reason if that is the case. If I can't rely upon UAC to warn me of an unauthorised change or violation then it's pretty useless to me.
  • BDJC, on 02/09/2009, -0/+7...Contrary to popular belief, there is a world outside of PC gaming.
  • bluechild, on 02/09/2009, -3/+10"Flaws" ? These are "features" :P
  • MAGZine, on 02/09/2009, -3/+10Remember the Pwn 2 Own Hacking Competition...?
  • Auzy, on 02/09/2009, -4/+11Umm.. No..

    I used to work service at a apple reseller, and heres some handy info for you:

    1) Only geeks install the security updates consistantly. Because OSX has no easy way to automatically install them (without special scripts and such). Windows on the other hand automatically installs them. End result? Security updates which most users on windows will have installed within 2 or 3 days of turning on their computer, whereas, the only reason why most OSX users still aren't running 10.5.0, is because some applications require updates to operate.

    2) Windows application writers digitally sign everything from drivers to programs. On OS X, nothing is signed. You really have no idea who wrote the program you are downloading on OSX.

    3) Apple still is telling everyone they don't need AV, and is ACTIVELY, marketing that OSX is resistant against viruses. Total BS. This is one reason why OSX will be very popular with trojan/botnet coders, because there is little chance the trojan will be discovered. Many OSX users such as yourself still believe OSX doesn't get hacked, simply because there aren't any obvious signs. Well, welcome to the 21st century, where nobody cares about corrupting files.

    4) Requesting a password for admin privs does NOT increase security, especially when you have no idea why the program is requesting the privileges. UAC is far more advanced then OSX in that regard.

    5) Operating systems change. Windows 95 is not the same as Windows Vista.

    6) A UNIX base doesn't make it secure.. If I hear another "know-all" sales person tell me OSX is secure because it has a UNIX base, I think I will poke someone

    Sorry, but I worked a reseller, and I've come to realise that OSX security is a joke. One reason I quit the reseller is because every customer who walked in were only buying OSX because they thought it couldn't get viruses. In fact, Mac's these days is mostly sold on lies.

    OSX is certainly not secure. Maybe in a theoretical sense it is, but in a practical sense, security is quite poor. That, and in my opinion, the applications tend to appear to be a lot less stable (which to me strongly suggests that less QA goes into them).
  • siggyfawn, on 02/09/2009, -8/+15And OS X!
  • ethnicman, on 02/09/2009, -0/+7seed please :)
  • Sammi84, on 02/09/2009, -1/+7FTA:

    "Given the importance of security and UAC, one might expect Microsoft to take note of this problem and do something to fix it. Unfortunately, the company's first response was to dismiss the behavior as happening "by design." Redmond says that, because UAC isn't a security boundary, it doesn't matter if silent elevation occurs; it's not a vulnerability. UAC is only there to keep legitimate software authors honest, not to stop malware. After the second exploit was disclosed, on Thursday a company representative made a lengthy blog post reiterating that UAC is not a security boundary and that the behavior is by design—it's awfully convenient, you see, so it doesn't matter if it's actually useful as a security measure.
    ...
    Fundamentally, the defense that UAC is not a security boundary just doesn't cut the mustard. Microsoft sells UAC as providing "heightened security", as a way of limiting the "potential damage" that malware can do. To then argue that users should not, in fact, expect UAC to keep them secure is insulting."

    Wow, I didn't know that MS didn't design UAC for security O_o

    What the point, then?
  • Pxtl, on 02/09/2009, -2/+8My problem with UAC isn't UAC itself, but all the stuff within Vista itself that warns me before issuing a UAC confirmation screen.

    If I want to copy over some files in Program Files, I have to click through a whole spree of confirmation screens, only one of them is the UAC window itself.

    Who seriously thought of putting "this action will require confirmation" boxes?
  • MWeather, on 02/09/2009, -0/+6Windows has had root access for quite a while. Problem was, that was the ONLY level of access (by default).
  • jakem1, on 02/09/2009, -0/+5Read the article.
  • Kazbaeden, on 02/09/2009, -0/+5@Hazello

    If I understand the XP Prefetcher correctly, it lists all the files it needed to start an application, then uses the references to load the files in order, rather than jumping around the harddrive.

    Superfetch not only goes a step further by loading these files into RAM, but it also uses heuristics to identify which files to load and when. It's much more sophisticated, and offers better performance gains.

    http://windowsitpro.com/article/articleid/77130/js ...
  • ApokalypseNow, on 02/09/2009, -0/+5Ah superfetch, the silent killer.
  • uRmyHartBstopR, on 02/09/2009, -0/+5Yup, it always feel like Microsoft keeps anti-virus companies in business. On the other hand if MS goes away there will just be less of em.
  • insertAliasHere, on 02/09/2009, -0/+5Most people will not go out and buy a copy. However, most people will get a copy when they buy their next computer. Far more copies of OSs are sold via OEM than retail (at least in the consumer market).
  • AnalogWiz, on 02/09/2009, -0/+5<sigh>

    You did *not* read the article. MS is only fixing *one* out of the *two* problems with the 'fix' noted in that blog.

    Don't get me wrong, I run Windows 7 and really like it. However, let's be honest here, we want MS to fix known security problems *before* it is released.

    IMHO, I'd rather wait an extra month for them to fix these issues than have them release it early.

  • kent1146, on 02/09/2009, -4/+9"... just buy a Mac and use OXS"

    You bought a Mac, try to be technical in a Windows bashing cutesy-comment, but end up ***** it up and looking like a total retard.

    Typical Mac user.

  • MWeather, on 02/09/2009, -0/+5If you have a single user, you should still use UAC.
  • inactive, on 02/09/2009, -2/+7I was going to write a long winded diatribe, railing against the UAC haters. It was easier to just digg you up.
  • netneutrality, on 02/09/2009, -0/+5Lollercopter. That's exactly it.
  • djbon2112, on 02/09/2009, -0/+4I used it for years and had no problem. The only downside to XP x64 is that it isn't Vista, it doesn't have the modern features.
  • wolferz, on 02/09/2009, -2/+6and adds a boat load of problems and a significant reduction in performance. Great idea.

    Please people, stop suggesting XP64... the only os MS has made worse than it was ME.
  • inactive, on 02/09/2009, -3/+7There is an option to turn it off, retard.
  • hazello, on 02/09/2009, -7/+11IT HAS SHINY LITTLE BORDERS and uses 3 times as much ram for no reason
  • MacParrot, on 02/09/2009, -3/+7Please. There's nothing inherently wrong with preferring a Windows OS over any other. You're only as secure with ANY OS as to how you approach security. Want all those cool smileys for your Windows chat program? Congrats you've probably also installed some kind of malware. Want that free copy of iWork 09 for OS X so you downloaded it off a torrent? Way to go! You also just compromised your system! Want yet another Linux rogram that you really have no idea where it came from? Oh yeah, you just gave up the keys to your digital kingdom!

    Stop pretending that what your needs and preferences are can be any more legitimate than someone elses.
  • inactive, on 02/09/2009, -1/+5if you have multiple users on the computer then yes people should still use UAC.
  • MAGZine, on 02/09/2009, -1/+5Not _all_ of their users. :)
  • Sammi84, on 02/09/2009, -1/+5Go click on an ad and install some spyware, will you?
  • inactive, on 02/09/2009, -1/+4if anyone else want to know how to do this (works in vista and windows 7 only)
    then go to control panel
    open user accounts
    go to manage other accounts
    create a new account which is admin and password protect it
    log into the newly created account
    and downgrade your current account to a standard user
    if you want to log into the standard account automatically at boot up then do this
    click on the start menu and type netplwiz
    uncheck the "user must enter blah blah"
    there is a pop up, in that type in the standard user account name and password of that account (leave it blank if no password is set for that account)
  • Kamujin, on 02/09/2009, -1/+4Don't forget more a stable shell and less glitchy SMB/CIFS support.
  • MacParrot, on 02/09/2009, -3/+6"1) Only geeks install the security updates consistantly. Because OSX has no easy way to automatically install them (without special scripts and such). Windows on the other hand automatically installs them."

    Nonsense. MOST people do not automatically install Windows updates which is why that last bit of malware got installed onto a lot of people's systems even though (in Microsoft's defense) they had already patched it.

    OS X has a similar system update method that automatically asks if you want to install. Neither company can be held responsible if idiots don't take the time to update their systems.

    "2) Windows application writers digitally sign everything from drivers to programs. On OS X, nothing is signed. You really have no idea who wrote the program you are downloading on OSX. "

    Right because no one could possibly fake that signiture. Did you read the article? They wrote a program that disabled UAC.

    "3) Apple still is telling everyone they don't need AV, and is ACTIVELY, marketing that OSX is resistant against viruses. Total BS. This is one reason why OSX will be very popular with trojan/botnet coders, because there is little chance the trojan will be discovered. Many OSX users such as yourself still believe OSX doesn't get hacked, simply because there aren't any obvious signs."

    You should run anti-virus software no matter WHAT platform you're running. Can you point however to ANY virus that automatically uploads to OS X without user intervention as many did under older versions of Windows? Thankfully MS closed those holes some time ago. Preventing users from doing something stupid is nothing that either MS or Apple can prevent.

    "4) Requesting a password for admin privs does NOT increase security, especially when you have no idea why the program is requesting the privileges. UAC is far more advanced then OSX in that regard."

    Um...yeah it kinda does which is the point of UAC and OS X's similar function. To let the user know that something is about to be installed that could compromise their systems.

    "6) A UNIX base doesn't make it secure.. If I hear another "know-all" sales person tell me OSX is secure because it has a UNIX base, I think I will poke someone"

    Poke away. A Unix based OS (by it's very nature) is more secure with security features built-in from a very long time ago. This deosn't mean that Windows is any more or less secure as Microsoft has worked very hard closing the holes that previous versions had. A system is only as secure as the person running it. Which is why the rest of what you had to say is nonsense as well.
  • inactive, on 02/09/2009, -0/+3It's good if you have biometrics, like most laptops these days. People like to stick ***** on my laptop when I'm not looking as a prank, but UAC ramped to the max pretty much stopped that and you can bypass it with a swipe of your finger.
  • Fetching more discussions...
    Show 51 - 100 of 153 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.