New UAC issue in Windows 7 and Windows 10 causes problems

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » New UAC issue in Windows 7 and Windows 10 causes problems

The User Account Control (UAC) feature on Windows seems to be such a good idea, since it allows for people to keep their computers safe, preventing unwanted software installation that might prove to be dangerous for your machine. However, many have discovered ways to get over it, and so the necessity for a new UAC appeared. Not only that people could run commands on a Windows computer without the owner’s permission, but also without leaving any traces behind.

Matt Nelson and Matt Graeber, who work as security researchers at Microsoft, discovered in their turn this breach and decided to develop a new exploit. They tested in both on Windows 7 and on Windows 10, but they claim that the aforementioned technique can be used to breach security on any Windows that runs UAC.

Even though you should already have access to a computer before hacking into it, it is still not safe to continue like this. Nelson explains that an attack would allow an admin to run a code in a context without needing the approval of the user, thus removing the restrictions imposed on any attacker by the local administrator.

What Nelson says we can do in order to protect our data and our computers is to set the UAC to “Always Notify” or removing other users from the group of local administrators. There also other methods and signatures if you want to look for and get an alert whenever a new registry is entered in HKCU/Software/Classes/.

Moreover, Nelson warned that this technique is slightly different than the others that were public until now for a couple of reasons: it doesn’t imply leaving a regular file into the file system, it doesn’t need a process injection and neither a privileged file copy, all this making it more dangerous for Windows users.



Next up

Cisco VPN Client won’t install on Windows 10? Here’s a guaranteed fix

Vladimir Popescu avatar. By: Vladimir Popescu
2 minute read

Cisco VPN is a great virtual private network software, but many users reported that Cisco VPN Client won’t install on their PC at all. This […]

Continue Reading

Install KB4499177 if you want to fix icon loading issues

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

Microsoft 7rolled out a new cumulative update for Windows Server 2016 and Windows 10 version 1607. This recent release bumps the current version of OS […]

Continue Reading

iSpy issues on Windows 10 and how to fix them

Milan Stanojevic avatar. By: Milan Stanojevic
5 minute read

Security of your home is important, and many people tend to use surveillance cameras in order to protect their home. If you have a security […]

Continue Reading