New UAC issue in Windows 7 and Windows 10 causes problems

Costea Lestoc By: Costea Lestoc
2 minute read

Home » New UAC issue in Windows 7 and Windows 10 causes problems

The User Account Control (UAC) feature on Windows seems to be such a good idea, since it allows for people to keep their computers safe, preventing unwanted software installation that might prove to be dangerous for your machine. However, many have discovered ways to get over it, and so the necessity for a new UAC appeared. Not only that people could run commands on a Windows computer without the owner’s permission, but also without leaving any traces behind.

Matt Nelson and Matt Graeber, who work as security researchers at Microsoft, discovered in their turn this breach and decided to develop a new exploit. They tested in both on Windows 7 and on Windows 10, but they claim that the aforementioned technique can be used to breach security on any Windows that runs UAC.

Even though you should already have access to a computer before hacking into it, it is still not safe to continue like this. Nelson explains that an attack would allow an admin to run a code in a context without needing the approval of the user, thus removing the restrictions imposed on any attacker by the local administrator.

What Nelson says we can do in order to protect our data and our computers is to set the UAC to “Always Notify” or removing other users from the group of local administrators. There also other methods and signatures if you want to look for and get an alert whenever a new registry is entered in HKCU/Software/Classes/.

Moreover, Nelson warned that this technique is slightly different than the others that were public until now for a couple of reasons: it doesn’t imply leaving a regular file into the file system, it doesn’t need a process injection and neither a privileged file copy, all this making it more dangerous for Windows users.



Next up

11 board games to buy for Christmas in 2018

Madhuparna Sukul avatar. By: Madhuparna Sukul
Less than a 1 minute read

It’s the best time of the year to shop for the best board games for Christmas. Deals are pouring in and there could be no […]

Continue Reading

Windows 10 error when attempting to open Help File [FIXED]

Sovan Mandal avatar. By: Sovan Mandal
3 minute read

There have been instances of errors cropping up when trying to open help in Windows 10. The same might also be reminiscent of Windows 8 […]

Continue Reading

Google+ to bite the dust even earlier after major data loss

Giles Ensor avatar. By: Giles Ensor
3 minute read

Google has decided to shut down Google+ even earlier, due to a loss of data that has affected an astonishing 52 million users. Even by the […]

Continue Reading