Microsoft says
Windows 7 is safer,
better lookng and
faster than Vista.
But some security
loopholes that have
existed right from
the beta phase
have still not been
completely dealt
with. The main problem lies with the revamped User Account
Control system (UAC) which has been toned down since users
found the Vista version too intrusive. Ever sincne Vista, the
user runs with only limited rights. If he wants to make system
related changes, a UAC warning message is displayed and admin
rights must be proven. However the annoying pop-ups used to
appear even for very small updates.
The new UAC from Windows 7 was designed to let the user
control how alarms are raised, but the default low setting
allowed hackers to run a simple script that let them later
run any program with admin rights. Attackers can turn off
the UAC through DLL injection even in the release candidate.
Thus, every program gets admin rights with just a click of the
mouse.Even worse: Internet Explorer's Protected Mode can be
disabled without the user being aware.
No comments:
Post a Comment