Long Zheng of I Started Something has uncovered a flaw in Windows 7's UAC that means malware can elevate itself to administrator privileges. This news comes after a previously discovered flaw in Windows 7's new tiered UAC system that meant malware can disable UAC silently.
Zheng has stated "a second UAC security flaw in the Windows 7 beta's default security configuration allows a malicious application to autonomously elevate themselves to full administrative privileges without UAC prompts or turning UAC off", which is bad news for Microsoft. It is also bad news for all the people currently running the Windows 7 beta, leaving them with a security risk. Zheng recommends that, if you're using Windows 7 currently, set your UAC to High to reduce any potential problems. For more information on how to set the UAC level please read our UAC overview.
Windows 7 has the ability to allow Microsoft-signed applications to become 'trusted' by UAC, reducing the number of UAC prompts. However, certain Microsoft applications can execute third-party code, which, while being for legitimate reasons, can be exploited for malicious purposes. This can fool the average consumer, as they would (correctly) assume Microsoft products are safe, and that then has a flow-on effect, leaving them assuming that any code run within Microsoft products is also safe.
Microsoft has not commented on this latest flaw but last week Microsoft denied the original flaw was not a risk. Rumors are that it will be addressed internally and Microsoft will be making a statement regarding these issues.
For more information on this risk, and a non-malicious file to try this flaw for yourself, head over to Within Windows to check it out.