Researchers release Windows 10 UAC malware information

By: Vamien McKalin
2 minute read

Windows 10 is an operating system that offers increased security among other cool things. However, the improved security features are not perfect as a new vulnerability has been found, and it could open the operating system to malware attacks.

Ironically, the issue has to do with the Windows User Account Controls (UAC), something designed to help Windows block unwanted software and malware.

Security researchers, Matt Nelson and Matt Graeber, were the ones to discover the flaw, and ultimately made it known via the website, Enigmaox3. It details how Windows 10’s SilentCleanup processed can be used by attackers to allow malware to slip through the UAC gate and enter your computer.

Matt Graeber (@mattifestation) and I recently dug into Windows 10, and discovered a rather interesting method of bypassing User Account Control (if you aren’t familiar with UAC you can read more about it here). Currently, there are a couple of public UAC bypass techniques, most of which require a privileged file copy using the IFileOperation COM object or WUSA extraction to take advantage of a DLL hijack. You can dig into some of the public bypasses here (by@hfiref0x). The technique covered in this post differs from the other methods and provides a useful alternative as it does not rely on a privileged file copy or any code injection.

Security researchers tend to recommend that computer owners never use their administrator account for daily computer use since it opens them to the possibility of more attacks, but it doesn’t matter in this regard. You see, UAC and Windows 10’s SilentCleanup process, runs with the highest level of power, so it wouldn’t matter which account you’re using.

Graeber and Nelson said they reported the issue to Microsoft, but the company responded by saying it is not a security problem. Apparently, UAC, to Microsoft, is not security measure hence why the company does not view the problem as a security measure.

Microsoft is either bluffing or the researchers are wrong. However, what is certain right now is that the company has no choice but to release a fix for UAC because it is now out in the open for the entire public to see.

RELATED STORIES YOU NEED TO CHECK OUT:

Windows 10 Anniversary Update ISO will arrive on August 2

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading