Report: Windows 7 UAC Still Contains Major Flaw

hemming and hawing vulnerability

UAC boosts security by reducing application privileges from administrative to standard levels to minimize damage caused by exploits, and gives users the chance to approve or disapprove changes to Windows through pop-up alerts. UAC was one of the most reviled aspects of Windows Vista, and Microsoft altered UAC in Windows 7 to let administrators reduce the frequency of alerts.

In a Thursday blog post, Long Zheng, author of the blog istartedsomething, argued that when the default security configuration of Windows 7 UAC is not to notify users of changes, applications without UAC alerts can run code or other applications with administrative privileges.

Microsoft is fully aware of the issue but doesn't seem to grasp its potential implications, according to Zheng. In a recent article on Windows 7 UAC, Mark Russinovich, a Technical Fellow in the Platform and Services Division at Microsoft, downplayed the issue, but Zheng claimed the flaw makes Windows 7 UAC "fundamentally less secure" than Vista UAC.

It's worth noting that Mark Russinovich is one of the most well respected figures in both the Microsoft community and larger security community, so it's highly unusual for Microsoft enthusiasts to question his views. Zheng said he's been aware of the problem for some time and only decided to go public with it after it became apparent that Microsoft hadn't addressed it in the Windows 7 Release Candidate.

id
unit-1659132512259
type
Sponsored post

The problem actually goes beyond just malware and extends to third-party software developers, who could use it to code Windows 7 applications that run in administrative mode and don't generate UAC prompts, Zheng said. Some companies might even see this as a way to market "less annoying" applications to customers, a move that would threaten trust within the Windows ecosystem, he added.

The result of all this is that the default setting of Windows 7 UAC is less secure than Vista UAC, Zheng said. "I recognize that UAC was not designed to be a "security feature" to begin with, but with each new version, an operating [system] shouldn't become less secure and expose more risk to the user," Zheng wrote in the blog post.