Linked by Thom Holwerda on Sat 31st Jan 2009 10:45 UTC
Privacy, Security, Encryption Yesterday, we reported on the security flaw in Windows 7's UAC slider dialog, and today, Microsoft has given a response to the situation, but it doesn't seem like the company intends to fix it. "This is not a vulnerability. The intent of the default configuration of UAC is that users don't get prompted when making changes to Windows settings. This includes changing the UAC prompting level." I hope this reply came from a marketing drone, because if they intend on keeping this behaviour as-is in Windows 7 RTM, they're going to face a serious shitstorm - and rightfully so. Let's hope the Sinfoskies and Larson-Greens at Microsoft rectify this situation as soon as possible.
Permalink for comment 346428
To read all comments associated with this story, please click here.
Member since:

Thom_Holwerda disputed...

UAC was a success, as the number of applications requiring admin privileges has been drastically reduced. THAT was its intended goal, and it succeeded.

That may have happened as a result, but let's be honest here--it was a nice side effect. For it to have resulted in the changes you suggest would have to mean most users of Windows are running as limited accounts. I don't think anyone wants to pretend that's happened--for the very same reason you point out: 'Everyone' knows installing apps requires admin privileges and so run that way as default.

--bornagainpenguin (who has yet to see a Vista installation in the wild not running with admin privileges)

Reply Parent Score: 2