Linked by Thom Holwerda on Sat 31st Jan 2009 10:45 UTC
Privacy, Security, Encryption Yesterday, we reported on the security flaw in Windows 7's UAC slider dialog, and today, Microsoft has given a response to the situation, but it doesn't seem like the company intends to fix it. "This is not a vulnerability. The intent of the default configuration of UAC is that users don't get prompted when making changes to Windows settings. This includes changing the UAC prompting level." I hope this reply came from a marketing drone, because if they intend on keeping this behaviour as-is in Windows 7 RTM, they're going to face a serious shitstorm - and rightfully so. Let's hope the Sinfoskies and Larson-Greens at Microsoft rectify this situation as soon as possible.
Permalink for comment 346419
To read all comments associated with this story, please click here.
Member since:

BluenoseJake trolled...

People complained loudly that UAC is annoying and prompts to often. MS put the control in the users hands, made it adjustable because people made such a big deal over the UAC in Vista. So what do people do now, when UAC is broken by the default settings in Win7? More complaining. It can be changed, you know.

You people made your bed, lie in it. What we complained about was the joke UAC was made into, with even Microsoft itself admitting it was made purposely to be annoying not useful. Don't believe me? do a search on this very site, this was where I first saw the article.

Now if UAC had worked like Ubuntu handles accounts, with requiring an administrator password before proceeding then you wouldn't have seen quite as many complaints on here and elsewhere about it. (I don't say you wouldn't have seen any complaints because we both know there are some people who will never be happy with what Microsoft does no matter what it is.) The problem is instead of requiring escalated privileges UAC behaves like Clippy on steroids prompting:

'Are you really sure you want to do that? Are you sure? really reeeeaaaaallllllly sure?'

...and ultimately resulting in absolutely no change in behavior.

Most users turn it off first thing, and the ones who are unable to do so just click through it without reading it, making the problems UAC was supposedly intended to fix worse!

I'm not saying any of this would fix the current problem, but pretending this is a case of people complaining about UAC without merit is simply trolling and you know it.


Reply Parent Score: 2