Microsoft To Modify Windows 7 UAC After Vulnerability Is Revealed

A couple of Windows bloggers have presented more proof-of-concept codes that subverts a crucial security feature in Microsoft’s new Windows 7 operating system, an issue, that the company admits it was aware of since October last year.

However, Microsoft has asserted that it has addressed a security snag affecting the User Account Control (UAC) feature in Windows 7 that researchers argued leaves users vulnerable.

The software giant has patched a privilege escalation issue in the internal beta construction of the operating system that was put forth by the researchers, the company announced.

The issue involving UAC feature was highlighted by the bloggers Long Zheng and Rafael Rivera, and the duo purported that a crucial vulnerability revolving around UAC feature could enable hackers to exploit pre-approved Microsoft applications to trick Windows 7 into granting malicious codes authorised rights to users’ machines.

The UAC feature in Windows 7, by default, prompts users of the operating system their approval before enabling tasks, like device and program driver installation to occur.

Incidentally, the Windows 7 operating system utilises an exclusive Microsoft Windows 7 certificate to differentiate between third-party programs and applications that organise Windows settings.

UAC was debuted with the Microsoft’s Windows Vista in December 2007, and in spite of the modifications in the feature for Windows 7, it has drawn criticism from many users across the world.

Go To Page 2 for our comments and more related links

Our Comments

It is important that Microsoft hits the bullseye when it comes to Windows 7's security features. Vista's security was one of the strongest points when compared to Windows XP. UAC though still remains a thorn for many users because it is seen like a nagging nuisance by many rather than a crash rail.

Related Links

Microsoft to tweak Windows 7 settings

(CNet)

Microsoft Takes on UAC Security Issue in Windows 7 Beta

(eWeek)

Microsoft changes Windows 7 UAC after new exploit code surfaces

(Computerworld)

High-slider integrity planned for Windows 7 UAC

(The Register)

Microsoft Bows to Critics, Will Change Windows 7 UAC

(Technologizer)

Microsoft listens, changes UAC behavior in Windows 7

(Neowin)

Microsoft Tightens Up Windows 7 UAC

(Microsoft Watch)

Microsoft to improve Windows 7 security settings

(Fay Observer)