Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

UAC security hole?

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 09-28-2008
Steve Thackery
 

Posts: n/a
UAC security hole?
The following article:

http://blogs.techrepublic.com.com/itdojo/?cat=3

....shows a way of running UAC-restricted programs without a UAC prompt.
Basically, you create the restricted program as a task in Task Scheduler,
set it to "Run with highest privileges", and then create a shortcut to the
task.

From then on you can run the program without the UAC prompt.

Regardless of what you think about UAC, doesn't this sound like a fairly
serious security breach? Bearing in mind that Microsoft have made a
software tool available for UAC-enabling old applications on a case-by-case
basis, it sounds like they didn't realise you could do it much more simply
using Task Manager.

I can imagine malware might be able to set up a new task in Task Manager,
with the highest privileges, and run hostile code without the user being
prompted.

I'm no expert on Vista's security mechanisms, but do you guys think this
could be a security hole? Do you expect Microsoft to plug this particular
"feature"?

SteveT

Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 09-28-2008
barman58
 

Posts: n/a
Re: UAC security hole?

Steve Thackery;847441 Wrote:
> The following article:
>
> 'IT Dojo | TechRepublic.com'
> (http://blogs.techrepublic.com.com/itdojo/?cat=3)
>
> ....shows a way of running UAC-restricted programs without a UAC
> prompt.
> Basically, you create the restricted program as a task in Task
> Scheduler,
> set it to "Run with highest privileges", and then create a shortcut to
> the
> task.
>
> From then on you can run the program without the UAC prompt.
>
> Regardless of what you think about UAC, doesn't this sound like a
> fairly
> serious security breach? Bearing in mind that Microsoft have made a
> software tool available for UAC-enabling old applications on a
> case-by-case
> basis, it sounds like they didn't realise you could do it much more
> simply
> using Task Manager.
>
> I can imagine malware might be able to set up a new task in Task
> Manager,
> with the highest privileges, and run hostile code without the user
> being
> prompted.
>
> I'm no expert on Vista's security mechanisms, but do you guys think
> this
> could be a security hole? Do you expect Microsoft to plug this
> particular
> "feature"?
>
> SteveT


Hi Steve,

As the UAC operates on task scheduler anyway I think the hole is
plugged. the method you mention is a way for an admin to provide access
to UAC controled apps to a standard user without providing a password.
you still have to go through the UAC to set it up.

hope this clarifies


--
barman58

Regards,
*Nigel*
the beginning of knowledge is the discovery of something we do not
understand.,- frank herbert
Reply With Quote
  #3 (permalink)  
Old 09-28-2008
Steve Thackery
 

Posts: n/a
Re: UAC security hole?
> The method you mention is a way for an admin to provide access
> to UAC controled apps to a standard user without providing a password.
> you still have to go through the UAC to set it up.


OK, so you're saying that malware that attempted to set up such a task would
itself trigger the UAC prompt?

That makes sense. I hope you are right and that there aren't any
workarounds. I'm one of the few people on the planet who actually
appreciates UAC. I'm only too pleased that Vista warns me when something
with security implications is about to happen.

SteveT

Reply With Quote
  #4 (permalink)  
Old 09-28-2008
barman58
 

Posts: n/a
Re: UAC security hole?

Hi steve,

Yes that's the way it I believe it operates, the UAC requires user
input and the disabling of the desktop (Screen Blanking) means that
malware cannot simulate this input.

I too am a believer in the UAC what we need now is for software
developers to work to the regime and not write user programs to require
Admin rights, which is where a lot of the disstisfaction with UAC comes
from. This requirement was within the Spec for XP (just not implemented)
so they have no real excuse after all this time. Vista's implementation
of the spec will push then in the right direction but I won't be holding
my breath. Until this requirement is met Admins who work in the real
world will have to resort to these type of workrounds


--
barman58

Regards,
*Nigel*
the beginning of knowledge is the discovery of something we do not
understand.,- frank herbert
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
The ARDAgent security hole: What you need to know Steve Security News 0 06-28-2008 10:10
Security hole in Windows microsoft.public.windows.vista.general 0 11-12-2007 21:22
AOL IM Security Hole Unplugged? Steve Security News 0 09-28-2007 14:00
AOL IM Security Hole Unplugged? Steve Security News 0 09-26-2007 18:50
SCADA Security Hole Paul Security News 0 05-08-2007 23:25




All times are GMT +1. The time now is 06:09.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120