Microsoft, Once Again, Says UAC Not A Security Issue

Posted by Justin on February 26, 2007
Microsoft

Apparently, Microsoft is attempting to stand behind Vista, to the point where they’ve told several researchers and hackers that the User Account Control system is neither buggy nor a security issue.

Doesn’t sound like much until you read into the stories and discover that UAC houses vulnerabilities that allow attackers to install software into the kernel, or to forge the alert message that UAC displays for software installs.

You see, UAC uses color-coded alert messages for software installs so that users can tell, just from the color, whether the software is trusted or not. Green means it’s part of the operating system, blue means a signed third-party application, and yellow means the application is not signed. This vulnerability would allow something that would normally show as yellow to appear green, and one click on that prompt can give an attacker full access to the computer.

Microsoft had the following to say (stolen from Symantec):

“It’s very important to remember that UAC prompts are not a security boundary — they don’t offer direct protection,” said Whitehouse. “They do offer you a chance to verify an action before it happens. Once you allow an action to proceed, there may be no easy way back. So while Microsoft may use the word ‘trust’ in relation to UAC in some of their [other] documentation, in actual fact, even the data these UAC prompts provide you with can’t be trusted.”
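Since the post’s point is that the prompt’s color, and even the data the prompt shows, can’t be taken at face value, an administrator can check an installer’s Authenticode status directly before approving it. The following is an added example, not code from the post, from Microsoft or from Symantec; it assumes Windows PowerShell 2.0 or later with the built-in `Get-AuthenticodeSignature` cmdlet, and the “Microsoft-signed” test on the certificate subject is a simple heuristic chosen for illustration, not the rule UAC itself applies.

```powershell
# Added example (not from the post): verify an executable's Authenticode status
# directly instead of relying on the color of a UAC consent prompt.
# Assumes Windows PowerShell 2.0+ (Get-AuthenticodeSignature is built in).
function Get-InstallerTrust {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Path
    )

    if (-not (Test-Path -Path $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    $sig = Get-AuthenticodeSignature -FilePath $Path

    # Map the signature status onto the three trust levels the post describes.
    # The 'O=Microsoft Corporation' subject check is an illustrative heuristic,
    # not the check UAC performs internally.
    $level = switch ($sig.Status) {
        'Valid' {
            if ($sig.SignerCertificate.Subject -match 'O=Microsoft Corporation') {
                'Microsoft-signed (UAC would show green)'
            } else {
                'Third-party, signed (UAC would show blue)'
            }
        }
        'NotSigned' { 'Unsigned (UAC would show yellow)' }
        default     { "Signature problem: $($sig.Status)" }   # HashMismatch, NotTrusted, ...
    }

    $signer = $null
    $thumb  = $null
    if ($sig.SignerCertificate) {
        $signer = $sig.SignerCertificate.Subject
        $thumb  = $sig.SignerCertificate.Thumbprint
    }

    New-Object PSObject -Property @{
        Path       = $Path
        Status     = $sig.Status
        Signer     = $signer
        Thumbprint = $thumb
        TrustLevel = $level
    }
}

# Usage: inspect a downloaded installer before running it (the path is a placeholder).
Get-InstallerTrust -Path 'C:\Downloads\setup.exe' | Format-List
```

A `Valid` status only tells you who signed the file and that it has not been modified since; it says nothing about whether the signer is someone you should trust, and a `HashMismatch` or `NotTrusted` result is a reason to stop regardless of what color any prompt shows.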

Joanna Rutkowska found problems with UAC as well, and Microsoft blew her off. Either Microsoft is saying their UAC model is fine the way it is, or they’re feverishly working on a solution while appearing to bluff on the outside… Either way, I refuse to move to Vista until the release of SP1.