News Windows zero-day flaw bypasses UAC

Just wondering if this is the one of the method of information gathering used by AV companies; scour forums for hacks and then release statement saying that they've discovered...

 

I don't have UAC on anyway, I feel sorry for vista users.

 

Agreed its most irritating feature of recent years. New customers of mine often think something is wrong with the computer and ask me to turn it off! Even when I try and scare them in to keeping it they ask me to get rid.

I've never used it on Vista or 7, I don't even have an anti virus (although I never recommend to customers running without one.)

I can spot a virus or malware a mile away anyway!

Alex.

 

No idea, all my stuff is Javascript. Haven't investigated Powershell, on the basis that it appears to be a slightly worse version of just running Javascript under WSH. Windows has had really rather good scripting ever since JScript was introduced; I'm not sure why they felt the need to include another. No, wait, I see exactly why - because of unflattering comparisons with Linux, from Linux users who didn't know about WSH.

So yes, there we have it - there is no reason for Powershell to exist, but it had to, because Linux users didn't know what WSH was. In conclusion: the world is doomed.

 

u norm Nock the uac setting down so it does not make the screen dark as most systems seem to have an delay before the box pops up

I would never disable uac as you just be running xp way of security

I have been seeing user mode fake av soft (thinkpoint) does not seem to use uac, stops programs from opening, could do combofix working on 64bit OS as well

 

OMFG!
Seriously?
You probably have loads and you don't even know it.
Just because everything appears to be ok it doesn't mean there isn't anything just sitting there undetected, idle or just spreading stuff to other people.

Seriously dude, get some protection, no matter how good you think you are something will always get past.

 

Another day another world comes to an end exploit found, no doubt it will be patched sharpish, the real question is what involvement would a user have in installing exploit?

 

faster than ophcrack.. just get in install your stuff and get out =]

uac works well if you know how to use the task scheduler to run things at logon.. you'll never see the prompt unless it matters if you set it up right- uac should be all the way up in 7

what's funny by default windows 7 uac is a joke to bypass.. it has safelists like notepad.exe and exploits have already impersonated those files to gain full admin rights.. turn it all the way up or off (dunno why anyone would do this.. but I'm sure they have their reasons)

exploits happen and it's a pretty good exploit.. this is kind of a nightmare for system admins who have to deal with employees opening attachments or running things off usb sticks- hope they get it patched soon

 

For you guys that say UAC is annoying because of your scripts, I'm sure there is a way of setting UAC to allow certain programs without asking. So if your writing your own scripts I'm sure you are capable of setting UAC to ignore them. (Again assuming it's possible)

 

you can always run a script as admin like this

Code:

Set objSh = CreateObject("Shell.Application")

objSh.ShellExecute "wscript.exe", "c:\Example\example.vbs" , "", "runas", 1

1,2,3 at end normal,minimize,hidden.. but anyone who writes would know this, that's why it kind of doesn't make sense to say uac is stopping me from writing my scripts

course win 7 has a whitelist by default, but if your running uac with a whitelist you might as well turn it off

 

.

 

UAC bugged me in vista for the first two weeks.

After that I never noticed it and it has saved my arse more than once.

 

Well unless the remastered version of Terminator or Blade Runner comes loaded with a computer created virus from a ulternate future, or some how you can get emailed a virus without an attachment, or eBay, IPlayer, 4OD or Youtube become infected I'm fairly safe!

Ive always said, do dodgey shiz get dodgey shiz on your PChizzle homez.

Al3x.

 

And what happens if bit-tech gets compromised? Still safe?

 

Its ok, biggest problem on BitTech is the Spammers, and the never ending quest to reach the Relix.

Alex.

 

For those who says that UAC is useless. remember that it helped millions of user world wide in preventing attacks. Exploits from plug-in, or other programs in attacking the system fails to run, picture.jpg.exe is no longer a treat. Countless number of viruses stop functioning.

Ok so what, a security hole was found, it will be fixed and voila.. now what. UAC is completely safe again. By the time the malware/virus-makers integrate this technique into their attack, which is actually hard and challenging by itself, Microsoft will release a patch. And don't assume that 100% of malware and virus suddenly have the ability to do this. I am sure that less than 1% of malware/viruses will have it.

Beside, we have an A//V to make things even more protected.

UAC should not be disabled. In fact, I think Microsoft should went all in, and apply Linux style. You want admin? get out the terminal (unless you use Ubuntu now they have the dialog box for certain things).
And for those who thing that Windows UAC dialog is stupid as you just click on Continue. Remember that it's like this because you are ADMINISTRATOR. Not the real absolute one, but one. Any other non-Admin users needs to enter the user name and password of an Admin privileged account.

 

UAC is a joke - at least in UNIX (and clones) it is/was built-in from the start...

 

This works because YOU ARE the one running it. Windows blocks this including BAT files from a program to do this. The only possibility is that the program moves your mouse, go inside your folders and double click on the file, all by knowing exactly where each folder and the file is located on your screen, and your window placements (Windows doesn't provide that information), and hopes that you don't move the mouse while it does this. So good luck.

 

UAC is built-in from the start. It goes all the way down to the core of Windows.
Remember since Vista, nothing is based on NT3. XP was the last OS that was based on NT3, where every version was just newer features and patches done on the NT3 kernel, with minor modification to it.

 

yeah it elevates a script.. if you ever tried to run a vbs script as admin without the scheduler, you'll see why this works.. most scripts are on a schedule anyhow, so task scheduler is perfect for running scripts you need done at a certain time/login

you'll get the prompt, but that's what uac does.. maybe a way to add run as admin into the context menu for vbs files, but I never tried