Malware can turn off UAC in Windows 7 Beta version

Computer security Researchers have found a potentially serious vulnerability in the User Account Control (UAC) applied in Windows 7. Microsoft is denying that there is a security hole in the UAC (User Account Control) feature of Windows 7 “I can tell you that this is not a vulnerability,” a spokesman for Microsoft through its public relations team said in an e-mail.
Microsoft is aware of this issue, however, it seems that did not intend to make changes in the operating system code.
UAC – security features first introduced in Windows Vista in order to confirm the permission of the user to launch applications. Its main goal was to fight against malware.
In the beta version of Windows 7 Microsoft has changed the technology, allowing the user to set four different levels of security, which, among them eliminate the warnings when performing routine tasks in order to reduce the annoying.

A Malware can exploit This UAC hole while users are confident that the feature works. To prove this blogger Long Zheng with Rafael Riveyroy developed a VBScript code that emulate clicking a button in which disabling the UAC.

And until Microsoft decides to make fix Zheng recommends all users to switch UAC policy to “Always Notify” , this is stressing but at least provides security.

Share