[Full-disclosure] Windows 7 UAC compromised
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Feb 2 19:07:02 GMT 2009
On Mon, 02 Feb 2009 20:47:41 +0200, James Matthews said:
> http://www.istartedsomething.com/20090130/uac-security-flaw-windows-7-beta-proof/
>
> Windows is like swiss cheese!
The biggest issue here is that although it's technically easy to fix this
problem (just have UAC issue an alert when somebody's messing with the
system settings), it involves doing more of what end users dislike most
about UAC (it issuing alerts to Joe Sixpack all the time when he does
something bone-headed security-wise).
Fixing this one in a way that users will put up with will be a bitch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20090202/d7842775/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.