UAC security hole?

Discussion in 'Windows Vista Security' started by Steve Thackery, Sep 28, 2008.

  1. The following article:

    http://blogs.techrepublic.com.com/itdojo/?cat=3

    ....shows a way of running UAC-restricted programs without a UAC prompt.
    Basically, you create the restricted program as a task in Task Scheduler,
    set it to "Run with highest privileges", and then create a shortcut to the
    task.

    From then on you can run the program without the UAC prompt.

    Regardless of what you think about UAC, doesn't this sound like a fairly
    serious security breach? Bearing in mind that Microsoft have made a
    software tool available for UAC-enabling old applications on a case-by-case
    basis, it sounds like they didn't realise you could do it much more simply
    using Task Manager.

    I can imagine malware might be able to set up a new task in Task Manager,
    with the highest privileges, and run hostile code without the user being
    prompted.

    I'm no expert on Vista's security mechanisms, but do you guys think this
    could be a security hole? Do you expect Microsoft to plug this particular
    "feature"?

    SteveT
     
    Steve Thackery, Sep 28, 2008
    #1
    1. Advertisements

  2. Steve Thackery

    barman58 Guest

    Hi Steve,

    As the UAC operates on task scheduler anyway I think the hole is
    plugged. the method you mention is a way for an admin to provide access
    to UAC controled apps to a standard user without providing a password.
    you still have to go through the UAC to set it up.

    hope this clarifies


    --
    barman58

    Regards,
    *Nigel*
    the beginning of knowledge is the discovery of something we do not
    understand.,- frank herbert
     
    barman58, Sep 28, 2008
    #2
    1. Advertisements

  3. The method you mention is a way for an admin to provide access
    OK, so you're saying that malware that attempted to set up such a task would
    itself trigger the UAC prompt?

    That makes sense. I hope you are right and that there aren't any
    workarounds. I'm one of the few people on the planet who actually
    appreciates UAC. I'm only too pleased that Vista warns me when something
    with security implications is about to happen.

    SteveT
     
    Steve Thackery, Sep 28, 2008
    #3
  4. Steve Thackery

    barman58 Guest

    Hi steve

    Yes that's the way it I believe it operates, the UAC requires use
    input and the disabling of the desktop (Screen Blanking) means tha
    malware cannot simulate this input

    I too am a believer in the UAC what we need now is for softwar
    developers to work to the regime and not write user programs to requir
    Admin rights, which is where a lot of the disstisfaction with UAC come
    from. This requirement was within the Spec for XP (just not implemented
    so they have no real excuse after all this time. Vista's implementatio
    of the spec will push then in the right direction but I won't be holdin
    my breath. Until this requirement is met Admins who work in the rea
    world will have to resort to these type of workround

    --
    barman5

    Regards,
    *Nigel*
    the beginning of knowledge is the discovery of something we do no
    understand.,- frank herbert
     
    barman58, Sep 28, 2008
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.