• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Windows Vista has large security hole in UAC

zekrahminator

McLovin
Joined
Jan 29, 2006
Messages
9,066 (1.31/day)
Location
My house.
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
When Microsoft shipped Windows Vista, they bragged about how secure it was, showing off the User Access Control (UAC) feature. UAC is something that asks a user if they really want it to run a program before simply running it (previous versions of Windows would simply run the program). "Hackette" Joanna Rutkowska found a disturbing loophole through UAC. Apparently, UAC works by running everything as an administrator, and simply asking for confirmation before executing a program. So if something like a game installer triggered off UAC, and a user hit "allow", the program could theoretically be allowed to run a bunch of other things that would individually require administrator privileges. When dealing with things like simple registry changes this is no problem, but when malware is piggybacking in an installer....this effectively ushers in the next generation of Trojan horse viruses. Microsoft does not consider this a serious threat, and thinks of it more like a minor weakness, which is the result of a "design choice".

View at TechPowerUp Main Site
 

EastCoasthandle

New Member
Joined
Apr 21, 2005
Messages
6,885 (0.96/day)
System Name MY PC
Processor E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard Maximus Formula
Cooling D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory XMS 8500C5D @ 1066MHz
Video Card(s) HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage 2
Display(s) 24"
Case P180
Audio Device(s) X-fi Plantinum
Power Supply Silencer 750
Software XP Pro SP3 to Windows 7
Benchmark Scores This varies from one driver to another.
Well wouldn't you know...there really is no such thing as a secure os after all. Oh wait, don't believe it just because it comes from the inquirer.;)
 

BXtreme

New Member
Joined
Feb 5, 2007
Messages
1,324 (0.20/day)
Location
Kolkata, India
Processor Intel Core 2 Duo E6400 @ 3.2 ghz|| Core2 T5250
Motherboard Asus P6N Platinum || 965GM
Cooling Air cooling
Memory Kingston 2x1gb DDR2 677mhz || 2x1gb 667mhz
Video Card(s) XFX 8800 GTS 640mb || Geforce 8600GT M
Storage Seagate 500GB Sata || 160gb
Display(s) Samsung 30" HD LCD || 15" lcd (laptop)
Case A not-so-known brand case w/ two fans and some blue lightings
Audio Device(s) Onboard HD
Power Supply Corsair HX620W
Software Mac OS X Leopard, Linux Mint 4.0, and all windoze...geez...
when ppl have Vista they should have a gd antivirus with them, so to get rid of inserted viruses in game packages or software ones, and if the antivirus doesn't get note of the virus, is the user also dumb enough to allow an unknown file ??? This is a minor threat imo also, no one should care unless they don't have proper security in their copy of Windows Vista.
 

EastCoasthandle

New Member
Joined
Apr 21, 2005
Messages
6,885 (0.96/day)
System Name MY PC
Processor E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard Maximus Formula
Cooling D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory XMS 8500C5D @ 1066MHz
Video Card(s) HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage 2
Display(s) 24"
Case P180
Audio Device(s) X-fi Plantinum
Power Supply Silencer 750
Software XP Pro SP3 to Windows 7
Benchmark Scores This varies from one driver to another.
when ppl have Vista they should have a gd antivirus with them, so to get rid of inserted viruses in game packages or software ones, and if the antivirus doesn't get note of the virus, is the user also dumb enough to allow an unknown file ??? This is a minor threat imo also, no one should care unless they don't have proper security in their copy of Windows Vista.

Dude, you need to re-read that again.
So if something like a game installer triggered off UAC, and a user hit "allow", the program could theoretically be allowed to run a bunch of other things that would individually require administrator privileges.
 

BXtreme

New Member
Joined
Feb 5, 2007
Messages
1,324 (0.20/day)
Location
Kolkata, India
Processor Intel Core 2 Duo E6400 @ 3.2 ghz|| Core2 T5250
Motherboard Asus P6N Platinum || 965GM
Cooling Air cooling
Memory Kingston 2x1gb DDR2 677mhz || 2x1gb 667mhz
Video Card(s) XFX 8800 GTS 640mb || Geforce 8600GT M
Storage Seagate 500GB Sata || 160gb
Display(s) Samsung 30" HD LCD || 15" lcd (laptop)
Case A not-so-known brand case w/ two fans and some blue lightings
Audio Device(s) Onboard HD
Power Supply Corsair HX620W
Software Mac OS X Leopard, Linux Mint 4.0, and all windoze...geez...
then what for is an antivirus ???
 

EastCoasthandle

New Member
Joined
Apr 21, 2005
Messages
6,885 (0.96/day)
System Name MY PC
Processor E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard Maximus Formula
Cooling D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory XMS 8500C5D @ 1066MHz
Video Card(s) HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage 2
Display(s) 24"
Case P180
Audio Device(s) X-fi Plantinum
Power Supply Silencer 750
Software XP Pro SP3 to Windows 7
Benchmark Scores This varies from one driver to another.

BXtreme

New Member
Joined
Feb 5, 2007
Messages
1,324 (0.20/day)
Location
Kolkata, India
Processor Intel Core 2 Duo E6400 @ 3.2 ghz|| Core2 T5250
Motherboard Asus P6N Platinum || 965GM
Cooling Air cooling
Memory Kingston 2x1gb DDR2 677mhz || 2x1gb 667mhz
Video Card(s) XFX 8800 GTS 640mb || Geforce 8600GT M
Storage Seagate 500GB Sata || 160gb
Display(s) Samsung 30" HD LCD || 15" lcd (laptop)
Case A not-so-known brand case w/ two fans and some blue lightings
Audio Device(s) Onboard HD
Power Supply Corsair HX620W
Software Mac OS X Leopard, Linux Mint 4.0, and all windoze...geez...
well, that calls for smarter antivirus, maybe :)
 

EastCoasthandle

New Member
Joined
Apr 21, 2005
Messages
6,885 (0.96/day)
System Name MY PC
Processor E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard Maximus Formula
Cooling D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory XMS 8500C5D @ 1066MHz
Video Card(s) HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage 2
Display(s) 24"
Case P180
Audio Device(s) X-fi Plantinum
Power Supply Silencer 750
Software XP Pro SP3 to Windows 7
Benchmark Scores This varies from one driver to another.
Actually you need a 2nd tier UAC that would catch this. In other words you would invest in a good firewall program. In all UAC is just a very "lite" version of an annoying, useless firewall IMO.
 

BXtreme

New Member
Joined
Feb 5, 2007
Messages
1,324 (0.20/day)
Location
Kolkata, India
Processor Intel Core 2 Duo E6400 @ 3.2 ghz|| Core2 T5250
Motherboard Asus P6N Platinum || 965GM
Cooling Air cooling
Memory Kingston 2x1gb DDR2 677mhz || 2x1gb 667mhz
Video Card(s) XFX 8800 GTS 640mb || Geforce 8600GT M
Storage Seagate 500GB Sata || 160gb
Display(s) Samsung 30" HD LCD || 15" lcd (laptop)
Case A not-so-known brand case w/ two fans and some blue lightings
Audio Device(s) Onboard HD
Power Supply Corsair HX620W
Software Mac OS X Leopard, Linux Mint 4.0, and all windoze...geez...
ya agreed lol, but users also need to be more cautious ya know :D, see my thread "Attention Vista users" something about new vista viruses are comin'.
 

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,812 (1.60/day)
Location
Gurley, AL
System Name Pandemic 2020
Processor AMD Ryzen 5 "Gen 2" 2600X
Motherboard AsRock X470 Killer Promontory
Cooling CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory 32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s) ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s) ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case Fractal Define R6 C
Audio Device(s) Realtek 5.1 Onboard
Power Supply Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse Razer Death Adder
Keyboard Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software Windows 10 Pro x64
More and more reasons why Vista is bad news ATM.
 

Completely Bonkers

New Member
Joined
Feb 6, 2007
Messages
2,576 (0.39/day)
Processor Mysterious Engineering Prototype
Motherboard Intel 865
Cooling Custom block made in workshop
Memory Corsair XMS 2GB
Video Card(s) FireGL X3-256
Display(s) 1600x1200 SyncMaster x 2 = 3200x1200
Software Windows 2003
What is truely bad is the passive response from MS. I would, as a potential customer of Vista, be much more confident in them and the OS if they said "this is an interesting possibility that wasn't anticipated: installation files with both a legitimate purpose but also malicious content. Our primary concern is security, and as such we will investigate how to modify the installer to restrict registry "auto run" to be validated ONLY AFTER a full virusscan of installed files has been completed"

This would be a change in how the registry works... quite a task... but actually a very smart move.
 
D

Deleted member 24505

Guest
uac is really irritating,microsoft dont tell people that.i like most vista users have probably turned off the uac.
 
Joined
Jan 28, 2007
Messages
2,648 (0.41/day)
Location
UK
System Name Ma Biatch
Processor i7 860
Motherboard Gigabyte GA-P55-UD3A
Cooling Noctua
Memory 8gb (4x2gb) G-Skill
Video Card(s) GTX 470
Storage WD5000aaks raid0
Display(s) Sony Bravia 37" 1080p
Case CM 690
Audio Device(s) Onboard
Power Supply Corsair HX520
Software Windows 7 Ultimate
i think a lot of power users and people off here this isnt a problem at all, a lot of us are clued up enough to make our os secure ourselves, however the "average joe" is not so clever, ive fixed countless pc's off friends and family and as soon as it boots the things is clogged to shit trying to load up all kinds of crap thats uneccessary (imo software developers need to take responsibility for this and learn NOT to program there software to automatically startup, if the user is running there software is that not enough? )

and the amont of times ive had someones pc to fix and thought id start up internet explorer and theres like 3-4 different toolbars, one under the other (taking up half the bloody screen) (not too mention being able to browse all the naughty sites they have visited :laugh: clean your goddam browsers people or dont vist pr0n sites :p)

imo windows should make a dummed down version :laugh: for 50% home users (ie: preinstalled with a decent firewall, av, spyware and warn the user not to install all the shit there going to because its "free" :slap: )lol cause its people like them who give the hackers the satisfaction they crave, i never have a problem with virii/spyware/trojans etc cause i know what im doing
 

zekrahminator

McLovin
Joined
Jan 29, 2006
Messages
9,066 (1.31/day)
Location
My house.
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
the "average joe" is not so clever, ive fixed countless pc's off friends and family and as soon as it boots the things is clogged to shit trying to load up all kinds of crap thats uneccessary (imo software developers need to take responsibility for this and learn NOT to program there software to automatically startup, if the user is running there software is that not enough? )

and the amont of times ive had someones pc to fix and thought id start up internet explorer and theres like 3-4 different toolbars, one under the other (taking up half the bloody screen) (not too mention being able to browse all the naughty sites they have visited :laugh: clean your goddam browsers people or dont vist pr0n sites :p)

I earn $20 a house-call, and that is almost exactly like what I have to deal with every visit. Have you tried putting your clients on limited accounts (through Windows)? I've found it keeps a lot of crap off, especially when all my clients want to do is access teh interweb (firefox, disabled access to IE). And I completely agree on how software developers need to keep their crap from starting with Windows. Stores are selling PC's with SEVENTY PROCESSES :shadeshu . I'm currently running 31 processes and have just about everything I need on the PC on right now (WMP, AIM, FF, AV...).

Oh yeah and I don't use firewalls, common sense and a router do everything a software firewall would do :).
 

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.69/day)
Location
Someone who's going to find NewTekie1 and teach hi
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
When dealing with things like simple registry changes this is no problem, but when malware is piggybacking in an installer....this effectively ushers in the next generation of Trojan horse viruses.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer

Point-blank: When you assign that registry pathway SYSTEM users, w/ FULL CONTROL rights, OR Administrator users, w/ FULL CONTROL rights?

She's right - in that even 'safe installers' CAN/COULD deliver ANYTHING it wants, & I don't care if you use .msi installers, installshield, or what...

(& I'd wager it's the exact same in VISTA, that same pathway exists, w/ same user rights assigned to it)

Same w/ your filesystems, they can write anything they'd like.

Add to that, the fact they have an internal 'stamp' (probably in the Win32 Portable Executable Header) which marks them as running as Admin users, by "association"? Well, you get, what you get. Installers have to change as well, imo, yet again also.

APK

P.S.=> UAC doesn't do a thing to stall that apparently, how can it? Check you registry permissions there, you'll see what I mean...

http://theinvisiblethings.blogspot.com/2007/02/running-vista-every-day.html

"One thing that I found particularly annoying though, is that Vista automatically assumes that all setup programs (application installers) should be run with administrator privileges. So, when you try to run such a program, you get a UAC prompt and you have only two choices: either to agree to run this application as administrator or to disallow running it at all. That means that if you downloaded some freeware Tetris game, you will have to run its installer as administrator, giving it not only full access to all your file system and registry, but also allowing e.g. to load kernel drivers! Why Tetris installer should be allowed to load kernel drivers?"

VISTA security, nice as it is & it IS an improvement on its forebears in many ways, does have a "hole" there, you either install as administrator user, (OR don't install your program, yea, right: IF YOU WANT TO USE IT, you'll install it, the point of running one IS that) & the installer technically CAN do what ADMIN users can @ that point... where you the user can't for many things!)

There is currently, NO SANDBOX FOR INSTALLERS in other words, & they too, need to change it seems to fit the VISTA security model... apk
 
Last edited:

EastCoasthandle

New Member
Joined
Apr 21, 2005
Messages
6,885 (0.96/day)
System Name MY PC
Processor E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard Maximus Formula
Cooling D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory XMS 8500C5D @ 1066MHz
Video Card(s) HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage 2
Display(s) 24"
Case P180
Audio Device(s) X-fi Plantinum
Power Supply Silencer 750
Software XP Pro SP3 to Windows 7
Benchmark Scores This varies from one driver to another.
Wait a minute, Vista is sold on the premise that it's a safer OS! This is not about comprise nor about how you navigate the internet (laughable at best). If you are treating Vista like XP why even buy it to begin with?
 
Top