Microsoft listens, changes UAC behavior in Windows 7

Long Zheng and Rafael had earlier published proof that malware could silently turn off UAC in Windows 7. Microsoft first responded that this was by design and not a bug. Microsoft has now agreed to change the Windows 7 UAC and to ship the changes in the Windows 7 Release Candidate.

Jon DeVaan and Steven Sinofsky have blogged about the two changes Microsoft plans to bring to Windows 7 RC:

  • UAC control panel will run in a high integrity process
  • Changing the level of the UAC will also prompt for confirmation

There you go! Simple changes, but they make a big difference to how UAC behaves in Windows 7.

UAC control panel will run in a high integrity process

Running the UAC control panel in a high integrity process means it requires elevation. So you will be prompted when you change the UAC settings on your system, even if you are a protected admin (the default user account created during installation). The security point is that Windows does not let a lower-integrity process send window messages or synthetic input to a higher-integrity window (User Interface Privilege Isolation), so malware running at the normal medium integrity level can no longer drive the control panel with SendKeys or similar UI automation.

In Windows 7 RC, expect the UAC shield icon to appear next to the Change User Account Control Settings entry shown in the screenshot above.

Changing the level of the UAC will also prompt for confirmation

Because changing the UAC level now requires confirmation, expect a UAC prompt when you click OK to apply new UAC settings.

These two changes are enough to close the attack Zheng and Rafael demonstrated. Malware can no longer lower or disable UAC silently; to do so it would first have to get past a UAC prompt, which means getting the user to consent to the elevation.
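The two changes above only help if the machine is actually running with UAC on and prompting on the secure desktop. The following PowerShell script is an added example, not code from the article or from Microsoft's blog: it reads the registry values that the Windows 7 UAC slider writes and reports which slider position they correspond to, together with the properties that matter for the attack discussed here. The value semantics it assumes (EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System) are the documented ones; the function name and the wording of the findings are this example's own.

```powershell
# Added example, not code from the article or from Microsoft's blog.
# Reads the registry values behind the Windows 7 UAC slider and reports which
# slider position they correspond to, plus the properties that matter for the
# attack discussed above. Assumed (documented) semantics of the values under
# HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System:
#   EnableLUA                  1 = UAC on, 0 = UAC off (applied after reboot)
#   ConsentPromptBehaviorAdmin 0 = elevate silently, 2 = always prompt for consent,
#                              5 = prompt only when a non-Windows binary elevates
#   PromptOnSecureDesktop      1 = prompt on the secure desktop, 0 = on the user desktop
function Get-UacAudit {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key

    # A missing value casts to 0; the report shows the raw numbers so that case is visible.
    $enableLua = [int]$p.EnableLUA
    $consent   = [int]$p.ConsentPromptBehaviorAdmin
    $secure    = [int]$p.PromptOnSecureDesktop

    # Map the raw values back to the four positions of the Windows 7 slider.
    if ($enableLua -eq 0) {
        $level = 'Never notify (UAC disabled)'
    } elseif ($consent -eq 2 -and $secure -eq 1) {
        $level = 'Always notify'
    } elseif ($consent -eq 5 -and $secure -eq 1) {
        $level = 'Default: notify only when programs try to make changes'
    } elseif ($consent -eq 5 -and $secure -eq 0) {
        $level = 'Notify without dimming the desktop'
    } else {
        $level = "Custom (ConsentPromptBehaviorAdmin=$consent, PromptOnSecureDesktop=$secure)"
    }

    # Findings a reviewer would want called out, in the order of severity.
    $findings = @()
    if ($enableLua -eq 0) {
        $findings += 'UAC is off: processes started by an administrator run with full rights and no prompt.'
    }
    if ($enableLua -eq 1 -and $consent -eq 0) {
        $findings += 'Administrators elevate silently: any program they run gets full rights without asking.'
    }
    if ($enableLua -eq 1 -and $secure -eq 0) {
        $findings += 'Prompts are drawn on the interactive desktop, where other windows can overlay them and synthetic input can reach them; the secure desktop is what blocks that.'
    }
    if ($enableLua -eq 1 -and $consent -eq 5) {
        $findings += 'Some Windows binaries elevate without a prompt at this level; this is the behaviour the demonstration discussed above built on.'
    }

    New-Object PSObject -Property @{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $consent
        PromptOnSecureDesktop      = $secure
        SliderLevel                = $level
        Findings                   = $findings
    }
}

# Usage: works from a standard (non-elevated) PowerShell, since the key is readable by users.
$audit = Get-UacAudit
$audit | Format-List EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop, SliderLevel
$audit.Findings | ForEach-Object { Write-Output "  - $_" }
```

The script only reads; it deliberately does not write the values back, since silently changing them is exactly the behaviour the RC fix is meant to prevent. Run it before and after moving the slider to see which values each position sets, and note that a change to EnableLUA only takes effect after a reboot.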

Jon and Steven still draw the distinction between malware getting onto a PC and being run, versus what it can do once it is running, and say they treat the ability to get code onto a machine and run it without consent very seriously.

They also stress that users should still not download and run code unless the source is trusted. HTML, EXE, VBS, BAT, CMD and more are all code, and all have the potential to alter the environment (user settings, user files), whether running as a standard user or as an administrator.

So here we are: many were furious about this UAC flaw, Microsoft listened, first reiterated that 'this is by design', and has now responded really well.

Thanks Microsoft!


Wow, a security hole fixed in 48 hours! Not bad! Not bad at all! Much better than Firefox's record of fixing a security hole in 36 hours.

blade1269 said,
hey,

Oops, I really want them to fix the transfer speed between drives and through the network,

it's called KB938979

A mandatory prompt upon changing UAC is good for me. Good show! I love the increased transparency "7" has had from past versions.

No, it just means if you're going to change the level of your UAC settings, the UAC will prompt you and ask you whether you want to change it or not. That way, malware can't change your level of security and harm your comp.

That's what I did when the first 'issue' was discovered, and that's what I'll do when I buy Windows 7. Better to be safe than sorry, and Vista's UAC didn't bother me.

I don't know what Paul's problem is. There was already evidence that MS was already making changes (for instance, Rafael's blog states that "birdies" told him that the UAC exploit using rundll32.exe was already fixed in internal builds), so the statement that Paul points out still stands.

Also, the E7 blog itself states that "The second change is due directly to the feedback we're seeing" while Paul claims that MS refuses to admit that they changed their minds due to feedback.

Whatever...

Gotta keep yourself relevant even though others do a better job than yourself, eh? The time that he's the first to break this and that about Windows news has long passed.

Great news! ...and also, I showed my Windows 7 install to my colleagues... they were very impressed, and seeing the memory usage compared to Vista, they were delighted.

Hope it rocks everywhere as XP does....(though vista is good..but win 7 is gr8)

They knew about this issue way back in pre-Beta (build 6801) and they had promised to fix this in the Beta build
http://channel9.msdn.com/forums/Coffeehous...ommentID=437606

But they didn't bother, and the bad news it generated on the web finally made them fix this in RC. I think we should not hurry with Windows 7. Fix bugs like these and get a better product at RTM.... or else it will be an irony to again wait for SP1 of Windows 7

Great news !!!
Now we can all get back to saying how much we are looking forward to using Windows 7 !
This problem was the ONLY thing wrong with Win 7; now that it has been dealt with by Microsoft, people (and me) can breathe more easily.
And I think that is the main reason why Microsoft did it, so no one, but no one, could say anything bad about Windows 7.
Good on ya, Microsoft!

In related news, does everyone like the new Windows shield colors of yellow and blue? I'm still rather partial to the multicolored one from Vista.

I liked the Vista version better, too

Maybe if we all make a big fuss about how the colors of the icon make 7 less secure than Vista they'll change it!

Chrono951 said,
In related news, does everyone like the new Windows shield colors of yellow and blue? I'm still rather partial to the multicolored one from Vista.

Vista's one is definitely better. It is the Windows logo colors, while this new one is just weird.

Glad they're doing it, but they're only doing this because it's getting too much press that Windows 7 is less secure than Vista.

primortal said,
Glad they're doing it, but they're only doing this because it's getting too much press that Windows 7 is less secure than Vista.


No, they're doing it because it was the right thing to do. Press will still (and always) report the news, and sometimes the perception of a minor issue will appear overblown since every news organization seems to feed off of bad press.

Wow, that would be hysterical if you weren't trying to be serious!

Microsoft is making changes based on user feedback from the Beta to make it the best Windows they can. The changes would have been made whether the media made a big stink or not.

Is this actually solving the problem? Could malware or a script simulate keyboard or mouse events to defeat it again?

asianrox said,
Is this actually solving the problem? Could malware or a script simulate keyboard or mouse events to defeat it again?


No.

Go to the linked blog and read. Essentially:

"UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working"

What about using an attack similar to the recent Flash Player security flaw where a user is tricked into clicking through? That is, an attacker could pop up a window covering the UAC prompt and trick the user into clicking. I think Microsoft needs to be very careful and not too overconfident about their quick fix.

UAC prompts appear on the screen at random locations. There is no way to predict where they will appear, making it impossible to cover them with an overlay.

asianrox said,
Is this actually solving the problem? Could malware or a script simulate keyboard or mouse events to defeat it again?


The UAC always gets on top of everything, that's why the entire screen becomes dark grey transparent.

asianrox said,
What about using an attack similar to the recent Flash Player security flaw where a user is tricked into clicking through? That is, an attacker could pop up a window covering the UAC prompt and trick the user into clicking. I think Microsoft needs to be very careful and not too overconfident about their quick fix.

Secure desktop solves this problem AND programs sending keystrokes. What UAC does is set up another desktop using a snapshot of your desktop as the background, to make it seem like it is just a pop-up window, but it is really on its own desktop. Applications can't send keystrokes to this other desktop.

The change to the UAC is lovely news. Well done Microsoft! Just hearing that you're listening to people makes me even more excited for Windows 7.

Impressive and greatly appreciated. I have sensed a new face of Microsoft in the Windows Engineering department, yet sadly, the same old marketing department execs still sit and argue to see how many editions they can spit out and how much they can charge for them.

The editions are a little much, but let's see how the prices shake out. Please Microsoft, hit a home run for everyone's sake...

dcoaster said,
Please Microsoft, hit a home run for everyone's sake...

I think you're being a little over-dramatic. It's not like Mac and Linux users would care that much if Microsoft fails with Windows 7. On the other hand, if it does fail (doubtful), maybe you're suggesting it would be bad for everyone since Windows is so prevalent. Which goes to show how much reliance the world has on a sole company, I suppose.

But I think you're just being over-dramatic.

The "everyone" should have been aimed at those that want to buy a PC with or upgrade to Windows 7. Nobody likes to see an exorbitant price on something that could be much cheaper.

I'm glad they are addressing this issue, it will keep many people happy and keep the good image Win7 already has.

It would be nice as a bonus, if they would change the "Never notify" setting-level to be UAC in Silent mode, rather than turning it off altogether.

Athernar said,
It would be nice as a bonus, if they would change the "Never notify" setting-level to be UAC in Silent mode, rather than turning it off altogether.

UAC Silent mode is the same thing as turning it off. If a program automatically gets elevated when it asks, what is the point?