Yet another UAC discussion

If I had to nominate the number one feature of Windows Vista, it would be UAC. Not because I think it is the most important feature (it is one important feature among many) but because UAC has generated an unbelievable amount of press. The reason: a lot of people seem to be trying to find a way to circumvent UAC in order to show that it is not worth the effort.

Well, Mark Russinovich (a Technical Fellow at Microsoft) showed the limitations of UAC at CanSecWest, and he is (obviously) right. But think about it: we added a lot of technology to Vista in order to make it harder (I said harder, not impossible) to attack Vista: Address Space Layout Randomization, Service Hardening, Kernel Patch Protection, UAC, … So UAC helps to raise the bar; it does not solve every issue. Even though there seem to be technical limitations in UAC, I am convinced that if a social engineer wants to trick a user into accepting an elevation prompt, there will be enough users who agree to elevate.

Additionally, the user is still a user: you can still do everything a user can do on a machine without ever touching UAC, as long as you stay within the user's own privileges.

Therefore, I think we should spend more of this great brainwork on either advancing those features (which is what Mark actually does, but there are others…) or helping to educate users.