Feeds

High-slider integrity planned for Windows 7 UAC

Microsoft spins on flack attack

Reducing the cost and complexity of web vulnerability management

Microsoft has promised changes to a frustrating Windows security feature inside Windows 7, following reported vulnerabilities and an avalanche of criticism.

The Windows 7 User Account Control (UAC) will feature improved protection, apparently intended to prevent unauthorized access and stop malicious from code piggybacking on approved code in the planned operating system.

Two senior Microsoft executives blogged late Thursday that the UAC control panel "will run in a high integrity process, which requires elevation." That means script running at medium integrity cannot manipulate the UAC panel's slider control, Microsoft told The Register.

Also, any changes made to the slider will prompt a pop-up that asks for user consent, even if your UAC alerts are set to "never notify," the company said.

The alerts and pop-up screens generated by UAC when new codes comes near Windows 7's predecessor, Windows Vista, have proved so frustrating that the internet is now full of advice on ways to hack the panel and turn off UAC.

Windows core operating system division senior vice president Jon DeVaan and senior vice president of the Windows and Windows Live engineering group Steven Sinofsky put their names to the post towards the end of a week that's seen Microsoft grapple with reported vulnerabilities in the UAC in beta versions of Windows 7 code.

For DeVaan, it was his second post on Windows 7's UAC and followed an earlier solo blog post on Microsoft's official IE7 blog that had the opposite effect of soothing jangled nerves on the apparent vulnerabilities.

DeVaan had tried to reassure Windows 7 testers that vulnerabilities exposed in Windows 7's UAC could not be considered "vulnerabilities" because the malicious code had to first install on the PC, and this would require the users' consent.

According to DeVaan, this could not happen and there had been no reported cases of malicious code getting past users.

Far from working, DeVaan's defense IE7 blog drew further heat, inspiring comments such as this from sroussey, which was cited in the DeVaan and Sinofsky effort:

You have 95% of the people out there think you got it wrong, even if they are the ones that got it wrong. The problem is that they are the one's that buy and recommend your product. So do you give them a false sense of increased security by implementing the change (not unlike security by obscurity) and making them happy, or do you just fortify the real security boundaries?

Also, there was this from @Thack:

Jon,

Thanks for sharing your thoughts. I understand your points.

Now, I want add my voice to the call for one very simple change:

Treat the UAC prompting level as a special case, such that ANY change to it, whether from the user or a program, generates a UAC prompt, regardless of the type of account the user has, and regardless of the current prompting level.

That is all we are asking. No other changes. Leave the default level as it is, and keep UAC as it is. We're just talking about the very specific case of CHANGES to the UAC prompting level.

It will NOT be a big nuisance - most people only ever change the UAC level once (if at all).

Despite your assurances, I REALLY WANT TO KNOW if anything tries to alter the UAC prompting level.

The fact that nobody has yet demonstrated how the putative malware can get into your machine is NO argument. Somebody WILL get past those other boundaries eventually.

Even if you aren't convinced by my argument, then the PR argument must be a no-brainer for Microsoft.

PLEASE, Jon, it's just a small change that will gain a LOT of user confidence and a LOT of good PR.

Thack

Sinofsky and DeVaan blamed the response to DeVaan's original post on "poor communication." They said the changes were already in the works before this "discussion".

"When we started the 'E7' blog we were both excited and also a bit uneasy. The excitement is obvious. The unease is because at some point we knew we would mess up. We weren't sure if we would mess up because we were blogging about a poorly designed feature or mess up because we were blogging poorly about a well-designed feature. To some it appears as though with the topic of UAC we've managed to do both," the duo said late Thursday. ®

New hybrid storage solutions

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.