UAC Whitelist Hole In Windows 7

David Gerard writes "Microsoft tried to make Vista secure with User Access Control (UAC). They relaxed it a bit in Windows 7 because it was such a pain in the backside. Unfortunately, one way they did this (the third way so far found around UAC in Windows 7) was to give certain Microsoft files the power to just ... bypass UAC. Even more unfortunately, one of the DLLs they whitelisted was RUNDLL32.EXE. The exploit is simply to copy (or inject) part of its own code into the memory of another running process and then telling that target process to run the code, using standard, non-privileged APIs such as WriteProcessMemory and CreateRemoteThread. Ars Technica writes up the issue, proclaiming Windows 7 UAC 'a broken mess; mend it or end it.'"

Futurama Analogy

[nurhussein]

Microsoft's approach to security is like putting too much air into a balloon! And when exploiters find a way around their measures, it's like.. a balloon, and... something bad happens!

Mend it or end it.

[ciderVisor]

"Ending is better than mending. The more stitches, the less riches; the more stitches ..."

Full Featured Windows API

[Sponge Bath]

...APIs such as WriteProcessMemory and CreateRemoteThread.

At first glance I was wondering why Microsoft would supply and API function CreateRemoteThreat().
Even for Windows, that would be a little out there.

Re:It's all a workaround

[ettlz]

The only solution is to scrap Windows altogether and build a new multi-user OS from scratch....

And what might they call this... this New Technology?

OWAIT

Re:If it was easy--

[thetoadwarrior]

I agree 100%. I guess I'm in the minority but I love Vista UAC. Fairly often I will carelessly click something, and UAC gives me a second chance to abort before it's too late. UAC is only useful 1 time in 20, but I thank my lucky stars that 1 time.

Your comment reminds me of that a shirt sold by T-shirt hell which said on it "What about the good things Hitler did?".

Re:If it was easy--

[dna_(c)(tm)(r)]

Your comment reminds me of that a shirt sold by T-shirt hell which said on it "What about the good things Hitler did?".

I want one with "Remember Godwin's Law" on it.

Re:If it was easy--

[funkatron]

So what should Microsoft be doing?

The one thing that's always worked before. Design a new colour scheme and let the marketing department do the rest.

Re:No Script Bragging -- please stop

[Anonymous Coward]

seriously. Why wear a condom when you're jacking it to porn while your wife sleeps. Seems kind of silly.

Re:OSX UAC

[that this is not und]

Maybe he's talking about MacOS 7.5.3 and the command prompt you can get in classic MacOS if you install Gnu Emacs and do a ' X shell' to get the command prompt.

(yes- a command prompt reachable on MacOS 7)

I have a mind the flips to the opposite automatically. I hear 'finder' and automatically think 'loser' for some reason....