Long Zheng and Rafael had come up with proof earlier that malware can turn off UAC in Windows 7. Later Microsoft responded insisting that this is by design and actually not a bug. Microsoft has finally agreed to do changes to the Windows 7 UAC and deliver the changes to the Windows 7 Release Candidate. Jon DeVann and Steven Sinofsky have blogged about the two changes Microsoft is planning to bring to Windows 7 RC:
- UAC control panel will run in a high integrity process
- Changing the level of the UAC will also prompt for confirmation
There you go! Simple changes, but brings out big differences to the way UAC behaves in Windows 7!
UAC control panel will run in a high integrity process
UAC control panel running in a high integrity process means it requires elevation. So, you might get prompted to change the UAC settings in your system, even if you are an protected admin (the default user account created during the installation process)
Expect the UAC icon appear just before the setting Change User Account Control Settings in the above screenshot in Windows 7 RC
Changing the level of the UAC will also prompt for confirmation
As there is going to be a prompt for confirmation to change the UAC level, expect a prompt when you click Ok to change your UAC settings
These two changes are more than enough to make Windows 7 UAC to respond to the threat Zheng and Rafael had come up. The user now, when running a malware has to bypass the UAC prompt in order to execute it.
Jon and Steven still insisted on - Malware making it onto a PC and being run Vs What it can do once it is running - and treat very seriously the ability to get code on a machine and run without consent.
They were also very serious that users should still not download code and run it unless the source is trusted. HTML, EXE, VBS, BAT, CMD and more are all code and all have the potential to alter the environment (user settings, user files) running as a standard user or an administrator.
So, here we have - many were furious about this UAC flaw, Microsoft listened, reiterated back that 'this is by design' and now have responded really well!
Thanks Microsoft!
UAC Silent mode is the same thing as turning it off. If a program automatically gets elevated when it asks, what is the point?
LOL when you say "Compromises!", you are sending a mixed signal here.
The editions are a little much, but let's see how the prices shake out. Please Microsoft, hit a home run for everyone's sake...
I think you're being a little over-dramatic. It's not like Mac and Linux users would care that much if Microsoft fails with Windows 7. On the other hand, if it does fail (doubtful), maybe you're suggesting it would be bad for everyone since Windows is so prevalent. Which goes to show much much reliance the world has on a sole company I suppose.
But I think you're just being over-dramatic.
No.
Go to the linked blog and read. Essentially:
"UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working"
The UAC always gets on top of everything, that's why the entire screen becomes dark grey transparent.
Secure desktop solves this problem AND programs sending keystrokes. What UAC does is set up a another desktop using a snapshot of your desktop as the background to make it seem like it is just a pop up window but is really on it's own desktop. Applications can't send keystrokes to this other desktop.
No, they're doing it because it was the right thing to do. Press will still (and always) report the news, and sometimes the perception of a minor issue will appear overblown since every news organization seems to feed off of bad press.
Microsoft is making changes based on user feedback from the Beta to make it the best Windows they can. The changes would have been made whether the media made a big stink or not.
Maybe if we all make a big fuss about how the colors of the icon make 7 less secure than Vista they'll change it!
yellow/blue = UAC
red/green/yellow/blue = general Windows security-related settings
Vista's one is definitely better. It is the Windows logo colors, while this new one is just weird.
Now we can all get back to saying how much we are looking forward to using Windows 7 !
This problem was the ONLY thing wrong with win 7 now that it has been dealt with by microsoft people (and me) can breathe more easily.
And I think that is the main reason why micorsoft did it, so no one, but no one could say anything bad about windows 7.
Good on ya microsoft !
now if they can only fix the copy and paste speed....but way to go MS.
http://channel9.msdn.com/forums/Coffeehous...ommentID=437606
But, they didnt bother and the bad news it generated on web finally made them to fix this in RC. I think we should not hurry with Windows 7. Fix bugs like these and get a better product during RTM.... or else it will be a irony to again wait for SP1 of Windows 7
Hope it rocks everywhere as XP does....(though vista is good..but win 7 is gr
Last edited by guruparan on 06 Feb 2009 - 07:45
http://community.winsupersite.com/blogs/pa...f-the-plan.aspx
So this was a setup all along, according to Thurrott? >.<
Also, the E7 blog itself states that "The second change is due directly to the feedback we're seeing" while Paul claims that MS refuses to admit that they changed their minds due to feedback.
Whatever...
Last edited by JonathanMarston on 06 Feb 2009 - 08:19
http://community.winsupersite.com/blogs/pa...f-the-plan.aspx
So this was a setup all along, according to Thurrott? >.<
right, paul thurrot is so 2k1,,,just so...
Without UAC disabled in the first place anyway you won't be making registry changes without triggering it.
Vista remains safer than Win7
Windows 7 will be more secure than Vista, period!
Way to state the obvious.
Windows 7 will be more secure than Vista, period!
wut? the level in win7 ist just the same as in xp! who the hell say's that malware HAS to change the uac level permanently to harm your comp or execute what ever it needs...setting it to HIGH would do the justice period!
but hey,,maybe iam going back to win2k after 2 years of using vista,,,just to be safe from this joke security of xp and which win7 is!
actually it's more a question about the quantitity of users, not the quality of the product! sadly...
Last edited by qwertz123 on 06 Feb 2009 - 18:21
Opps, I really want them to fix the transfer speed between drives and though the network,
Opps, I really want them to fix the transfer speed between drives and though the network,
it's called KB938979
And to the naysayers, NO, this will not make Windows 7 "like Vista" again. :p
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.