Vista's UAC security is colour blind

Windows Vista's User Account Control (UAC), a system that Microsoft says makes the new operating system safer from attack, can be spoofed and shouldn't be completely trusted, said a Symantec researcher.

Ollie Whitehouse, an architect at Symantec's advanced threats research team, first used a blog entry to point out how a hacker could use a file included with Vista to disguise the UAC warning dialog in a colour associated with alerts generated by Windows itself.

The process to spoof a UAC dialog is roundabout, but doable, said Whitehouse. It would start with a user falling for any one of the current hacker tricks. "The most likely scenario is that a user gets compromised by malicious code, from a Trojan or a vulnerability in a third-party application like Office or a browser," he said in an interview.

Next, the malicious code would drop a malformed .dll file onto a part of the hard drive that the user, who would presumably be running as a restricted Standard User, was allowed to write to. Because the user has rights to write to that location, a UAC prompt wouldn't pop up at that point.

View: Full Article @ TechWorld
