Archive for the 'UAC (User Account Control)' Category
Make User Account Control (UAC) Stop Blacking Out the Screen in Windows Vista
Friday, March 23rd, 2007In Windows Vista, the screen goes dark when the User Account Control window comes up, which is extremely annoying. They call it the “Secure Desktop”, but I think it’s obnoxious. Note that this will make your system less secure before proceeding. Update: Windows Vista Home users should use the registry patch at the bottom of [...]
Confusion about Vista Features: What UAC Really Is
Saturday, March 10th, 2007As you may know I am just putting the finishing touches on a new book. Roger Grimes and I teamed up to write Windows Vista Security. In the course of doing the research for the book, and just keeping up with the popular press lately, it has become obvious that there is a lot of [...]
Windows Vista Hit by User-Privilege Vulnerability
Saturday, March 3rd, 2007A security firm has discovered one of the first security flaws to directly affect Windows Vista, a bug that it claims allows local users to escalate their privileges. The flaw involves Windows’ system for managing user security levels, User Account Control (UAC), which was introduced with Vista. UAC is designed to limit the damage that [...]
Vistas UAC warnings can hide a rat, Symantec says
Saturday, March 3rd, 2007Windows Vista’s User Account Control (UAC), a system that Microsoft Corp. says makes the new operating system safer from attack, can be spoofed and shouldn’t be completely trusted, a Symantec Corp. researcher said today. Ollie Whitehouse, an architect at Symantec’s advanced threats research team, first used a blog entry yesterday to point out how a [...]
UAC isnt a security feature, really?
Thursday, February 22nd, 2007The press has been having a field day with headlines like this one due to a recent post by Mark Russinovich which explains how UAC and its integrity levels (user rights separation) work, among other things. The part of the post that people grabbed onto was his statement that ‘It should be clear then, [...]
Microsoft: UAC not a security feature
Sunday, February 18th, 2007For those who thought the User Account Control (UAC) feature introduced in Windows Vista was intended to set security boundaries, Microsoft has made a clarification: it isn’t. The message is attracting criticism from security experts, one of whom said it made features such as UAC seem like nothing more than a "joke".
What the UAC hole is really about
Sunday, February 18th, 2007Fellow blogger Ryan Naraine had a blog "Hacker, Microsoft duke it out over Vista design flaw" where he reported on a disagreement between elite researcher Joanna Rutkowska (Singapore-based Coseinc) and elite programmer Mark Russinovich (formerly Sysinternals and acquired by Microsoft). I’ve spoken with both of these people and I have a lot of [...]
Hacker, Microsoft duke it out over Vista design flaw
Friday, February 16th, 2007Joanna Rutkowska has always been a big supporter of the Windows Vista security model. Until she stumbled upon a "very severe hole" in the design of UAC (User Account Control) and found out — from Microsoft officials — that the default no-admin setting isn’t even a security mechanism anymore. Rutkowska, a hacker with a track [...]
How to make yourself a real administrator in Vista
Friday, February 16th, 2007One of the new things which were introduced by Windows Vista is brand new user accounts management, which allows system administrators to create various user accounts with strictly limited permissions. This may be handy for someone in net cafe or parents who want to protect the computer from their children, but it may cause also [...]
How to lock yourself out of Windows Vista
Friday, January 19th, 2007Vista’s new User Account Control (UAC) is a great feature that means you don’t need to be logged in as an administrator all the time. If you practice safe computing under Vista, then you should be running a standard user account, with limited security privileges. If an application needs administrator privileges - to change system [...]
