Linked by Thom Holwerda on Thu 11th Jun 2009 10:00 UTC
Windows Not too long ago, we ran a story informing you of how the auto-elevation feature in Windows 7 is broken in a way that allows malicious programs to silently gain administrative privileges. We wondered if Microsoft was ever going to fix this one before Windows 7 goes final, and even though we're not there yet, a recent article by Mark Russinovich seems to imply pretty strongly that no, Microsoft is not going to fix this.
Thread beginning with comment 368334
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Code 18"
by leech on Fri 12th Jun 2009 22:58 UTC in reply to "RE[2]: Code 18""
Member since:

Except that you couldn't do that without the user knowing, because nothing is set with execute rights unless the user set it themselves. Ah Unix Security 101.

Reply Parent Score: 2