<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="http://blogs.technet.com/utility/FeedStylesheets/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/"><channel><title>Both Sides of the Windows 7 UAC Problem</title><link>http://blogs.technet.com/rhalbheer/archive/2009/02/05/both-sides-of-the-windows-7-uac-problem.aspx</link><description>I have to come back to the UAC problem again. I just read a good article from Larry Seltzer on eWeek.com: Both Sides of the Win7 UAC Problem. I think it is one of the first ones I read, which takes the emotions out of the discussion and tries to understand</description><dc:language>en-US</dc:language><generator>CommunityServer 2.1 SP1 (Build: 61025.2)</generator><item><title>The Great UAC Debate of 2009 Is Over</title><link>http://blogs.technet.com/rhalbheer/archive/2009/02/05/both-sides-of-the-windows-7-uac-problem.aspx#3197895</link><pubDate>Fri, 06 Feb 2009 07:48:55 GMT</pubDate><guid isPermaLink="false">d5e57398-b9ef-4490-9955-07cbb4e4a80d:3197895</guid><dc:creator>Robert McLaws: Windows Vista Edition</dc:creator><description>&lt;p&gt;I have been appalled at what has taken place over the last week. And now that it is over, I want to talk&lt;/p&gt;
</description></item><item><title>what ive read 020609</title><link>http://blogs.technet.com/rhalbheer/archive/2009/02/05/both-sides-of-the-windows-7-uac-problem.aspx#3198454</link><pubDate>Sat, 07 Feb 2009 06:26:51 GMT</pubDate><guid isPermaLink="false">d5e57398-b9ef-4490-9955-07cbb4e4a80d:3198454</guid><dc:creator>Satisfy Me</dc:creator><description>&lt;p&gt;If you weren't at the TED conference this week, you might've missed Bill Gates' mosquito stunt as noted&lt;/p&gt;
</description></item><item><title>re: Both Sides of the Windows 7 UAC Problem</title><link>http://blogs.technet.com/rhalbheer/archive/2009/02/05/both-sides-of-the-windows-7-uac-problem.aspx#3199490</link><pubDate>Mon, 09 Feb 2009 22:06:28 GMT</pubDate><guid isPermaLink="false">d5e57398-b9ef-4490-9955-07cbb4e4a80d:3199490</guid><dc:creator>Leo Davidson</dc:creator><description>&lt;p&gt;The problem is, with the current settings the UAC prompts for third-party apps are security theater that only punish well-behaved software.&lt;/p&gt;
&lt;p&gt;Anything that wants to can bypass UAC completely, as I've shown here:&lt;/p&gt;
&lt;p&gt;&lt;a rel="nofollow" target="_new" href="http://leo.lss.com.au/W7E_VID_INT/W7E_VID_INT.htm"&gt;http://leo.lss.com.au/W7E_VID_INT/W7E_VID_INT.htm&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;&lt;a rel="nofollow" target="_new" href="http://leo.lss.com.au/W7E_VID_DRA/W7E_VID_DRA.htm"&gt;http://leo.lss.com.au/W7E_VID_DRA/W7E_VID_DRA.htm&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;Those videos, made late at night, show an updated version of my earlier proof-of-concept code-injection technique. It doesn't use RunDll32 or SendKeys. It can hijack any &amp;quot;blessed&amp;quot; Microsoft executable running at medium integrity (i.e. normal, elevated), including Explorer.exe, Calc.exe, Notepad.exe, MSPaint.exe... (Why on earth have you given all of those apps the ability to bypass UAC when creating COM objects? Why extend the attack surface to Calc.exe etc.?)&lt;/p&gt;
&lt;p&gt;Given that any process can use this fairly simple technique to elevate anything it wants, the UAC prompts in Windows 7 with default settings offer virtually no protection.&lt;/p&gt;
&lt;p&gt;Thus you should either remove them from *all* apps (i.e. the &amp;quot;elevate without prompting&amp;quot; option which was already in Vista's UAC) or you should make them secure again by default.&lt;/p&gt;
&lt;p&gt;I don't really care which you do so long as I can turn on &amp;quot;always prompt&amp;quot; but what you're doing right now is a) Security theater, since it offers only the illusion of protection which can be bypassed trivially; and b) Anti-competitive, since people who compete with your bundled administrative and/or file management software are forced to either show UAC prompts or use dodgy workarounds.&lt;/p&gt;
&lt;p&gt;And going back to it, there really is no excuse for apps like Calc, Notepad and Paint to have access to full UAC elevation without prompting.&lt;/p&gt;
</description></item></channel></rss>