Here at OSNews I have hammered and hammered on a few times already about the major flaw in Windows 7's default User Account Control, which allows people or software with malicious intent to completely bypass UAC in such an easy manner that you wonder why UAC is there in the first place. Well, the source code to this flaw has been released - since Microsoft has made it clear they have no interest in fixing it anyway - and Long Zheng, fellow advocate of fixing this bug, made a very clear demonstration video.
To read all comments associated with this story, please click here.
Member since:2006-02-15
So what? Any programmer worth their salt knows exactly how this is done anyway. Releasing the source code isn't going to change anything.
Now even novice programmers can create malware by utilizin this flaw.
Why does osnews keep going on about this? Mark has already explained why this isn't considered a flaw. What makes osnews better qualified than Mark?
Security experts, any system administrators, any knowledgeable users and so on say it's a flaw, but you ignore it all just because Mark says so? Umm..
Member since:2006-07-04
As I've said before, I think Microsoft caved to the lies about UAC and did stupid things to make it less "annoying". They should have left is as it was in Vista, IMO.
That said, for all your "security experts" that disagree with Mark, my problem is that I've yet to see any of these experts actually address what Mark has said about this. They seem to simply ignore what he's said and repeat their talking points. Why is that?
Member since:
2005-12-23
Wow, the source code is out!
So what? Any programmer worth their salt knows exactly how this is done anyway. Releasing the source code isn't going to change anything.
Why does osnews keep going on about this? Mark has already explained why this isn't considered a flaw. What makes osnews better qualified than Mark?