(Semi OT) UAC exploit possible via fake dialogs?

Discussion in 'Windows Vista Security' started by Fernando, Jun 16, 2006.

  1. Fernando

    Fernando Guest

    Hi all,
    I was thinking about the possibility to fake the UAC prompt for
    credentials by a malicious process, in order to get the admin password.
    In example, a malicious process shows a fake UAC dialog prompting for
    Admin credentials when started, and then stores the admin password for
    later sending or wathever. Since Vista shows too many UAC dialogs, I
    think we will enter the admin credentials in a mechanichal way, so this
    exploit could be possible and easy to implement.
    I'm missing some important technichal data about UAC which prevents
    this? What do you think?

    Fernando
     
    Fernando, Jun 16, 2006
    #1
    1. Advertisements

  2. Fernando

    Jason Guest

    I read somewhere the UAC will be a bit less intrusive in the future.. but I
    thinkif some program did want to put up a "fake" UAC you'd still have to give
    it permission to run.. and then it would also run into the Firewall later on
    assuming you have that enabled also.
     
    Jason, Jun 17, 2006
    #2
    1. Advertisements

  3. Fernando

    Fernando Guest

    Think the following: If I put on a system a custom made executable which on
    run shows a fake UAC dialog and it doesn't requires privileged credentials
    to run, the true UAC never shows, and if this executable never connects to
    the outside and only stores admin passwords on file, in example, to allow
    later retrieval, it also never gets the firewall prompt. Think about a lot
    of people, normal Windows users, which never complains about security, then
    may be it will be a serious security problem.
     
    Fernando, Jun 17, 2006
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.