main
Report a problem

Microsoft: UAC Can Be Hijacked by Social Engineering

Daniel Fleshbourne   on 27 February 2007 - 13:45 · 17 comments & 3515 views

Advertisement (Why?)
Microsoft's UAC in its Vista operating system release was meant to signify that finally, the company has gotten serious about securing Windows by limiting a user's rights during day-to-day computer usage. It's come to signify something much less than security or trust in the minds of some security experts, though. Security expert Joanna Rutkowska kicked off the dissection of UAC in her blog, and the latest salvo against User Account Control was heaved by Symantec Research Scientist Ollie Whitehouse with a Feb. 20 posting titled An Example of Why UAC Prompts in Vista Can't Always Be Trusted.

The upshot: Microsoft has admitted that yes, UAC is liable to social engineering. The idea behind User Account Control is to limit user privileges as much as possible for most of a user's interaction with the desktop. User rights are elevated only when necessary for administrative tasks, at which point a dialog box prompts the user to OK the escalation. Limiting normal permissions is a good thing, given that it reveals less operating system surface for an attacker to latch onto. The problem, according to Whitehouse, is the level of trust granted to UAC prompts—a level of trust that he thinks is undeserved.

View: The full story
News source: eWeek

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Daniel Fleshbourne
User name: Daniel
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 17 additional comments
#1 GreyWolfSC on 27 Feb 2007 - 14:41
Interesting... and the first thing that I get going to eWeek's article is a prompt saying...
"eWEEK.com would like to know more about how you deal with today's IT security concerns. Would you help us by answering a few quick questions? Y/N" Um... no? That's exactly the kind of thing that IS a security concern?
(1 reply) #2 Netrack on 27 Feb 2007 - 15:44
Isnt this the most obvious statement ever made? Obviously if you can convince someone to give you their password and anyother sensative data there is nothing MS, OSX,Linux, furby the dog can do to protect the user




MS can fix stupid users
#2.1 vetmarkjensen on 27 Feb 2007 - 17:47
This isn't about scamming passwords. It does involve stupid users, though. This is about the spoofing of untrusted third-party malicious apps "using the calming teal color to disguise its nefarious purpose". The teal color is apparently reserved for trusted Microsoft software components.

The user of a compromised system would be led to believe that malware was part of the Microsoft OS by its color.

Again, it takes a stupid user (or a local user with malicious intent) to initially compromise the box. And no software can cure that - only proper administration that keeps untrusted users with little or no permissions.
(1 reply) #3 Aero Ultimate on 27 Feb 2007 - 15:49
They did have good intentions when planning Uac, but the implementation is still severely flawed.
What they need to do is add individual rights management for every single application, completely independent from the user rights.
#3.1 Foub on 27 Feb 2007 - 23:16
The road to hell is paved with good intentions.

BTW, in the game of Doom its the company UAC which opens a gate to hell....
#4 dl0711 on 27 Feb 2007 - 17:13
yes they did have good intentions.. but they could have done alot better on Vistas Security but they did not they had all there time spent on other stuff in Vista like Flip-3D and the Aero Glass interface. I like the new look but was it really necessary??? NO it was not.. the only thing that should have been there Number 1 top priority was Security..
(2 replies) #5 PureLegend on 27 Feb 2007 - 18:49
You guys seem to forget some Linux distros such as Ubuntu have this sort of thing.
#5.1 ichi on 27 Feb 2007 - 20:28
What sort of thing?
#5.2 +Ned on 01 Mar 2007 - 07:49
You have to enter your password for every administrative task in Ubuntu (but not every time...hard for me to explain).

I run as a desktop user in Ubuntu and don't have any problems with it.
#6 +Dakkaroth on 27 Feb 2007 - 19:01
Wasn't this last weeks news on Neowin?
#7 Evolution on 27 Feb 2007 - 20:48
I love these types of articles... they seem to give members here the excuse to BS about things that aren't true or are ridiculous or taken to an extreme....

Microsoft will fix this, and UAC is implemented pretty well.... the problem is with the software developers of applications.
(2 replies) #8 kerunt on 27 Feb 2007 - 21:48
I'm wondering if the UAC system can be abused...

The following is just a theory:

- a malicious user creates a program which looks just like UAC and actually displays "above" the UAC layer - covering the information about what's going on, but not covering the OK/CANCEL buttons.. Since this program is visually identical to UAC, it could have some innocent prompt to which 99% of users will click OK. In reality, the program is doing something malicious in the background. The UAC prompt pops up, with this malicious program covering (hiding) what's really going on. The user clicks the OK button (which isn't covered), and off the malicious code goes...

Possible in theory?
#8.1 Andareed on 27 Feb 2007 - 22:21
If you have the secure desktop feature of UAC enabled apps won't be able to interact with the UAC prompt, everything else will be dimmed, and the UAC prompt will be in the foreground.

If you disable secure desktop, an app can just simulate an allow click.
#8.2 Ideas Man on 27 Feb 2007 - 23:25
As Andareed said, secure desktop is designed to stop this from happening. If it's enabled, it takes a screenshot of your desktop and dims it, then displays the real UAC prompt. You will be able to easily see the fake one because for one you won't be able to move it, it will be dimmed and half will be cut off, so no, it's not really easy to spoof it.
#9 Primetime2006 on 28 Feb 2007 - 00:20
This effects only idiots stupid enough to fall for it.

I love how they try and once again blame MS. Yes MS made you stupid, yes MS should be able to somehow stop people from convincing other people to give out their information.

Morons.

#10 Hak Foo on 28 Feb 2007 - 01:25
IMO, the biggest problem of UAC is the risk of becoming the OS that cries wolf.

If it shows up too often, people will automatically click "Go ahead".

"Are you sure you want to open device manager?" Yes, that's why I clicked it!

"Are you sure you want to change your wireless network settings?" Yes, that's why I clicked it.

"Are you sure you want to format your hard disc?" Yes... oh crap!
#11 Septimus on 28 Feb 2007 - 09:09
The whole point with standard level users is they have to enter the admin password.

For these cases where users are that stupid (i.e. XP users who got viruses and spyware), you _don't_ give them the admin rights password.

That's the fracking point!

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1390) © 2000 - 2008 Neowin.net