Jump to content

Poll: What UAC Level do you use?


DigeratiPrime

What UAC Level do you use?  

100 members have voted

  1. 1. What UAC Level do you use?

    • Always notify me and dim my desktop until I respond
      4
    • Default
      22
    • Notify me only when programs try to make changes to my computer
      11
    • Turn off UAC
      63


Recommended Posts


Having UAC on does give you access to other features too, like process integrity level and registry/file system virtualization. Some people don't need or want these, but I find them quite useful.

Link to comment
Share on other sites

Always notify (slider to top position)

All other settings are insecure. With the default settings (shown at the picture) all applications (good aps or malware) can easily execute code with elevated rights by using MS apps included inside Win7 without showing the UAC. This is an incredible security vulnerability.

Link to comment
Share on other sites

Default for now. I figure if im evaluating an OS i shouldnt change much unless it really gets in my way.

Vista UAC = In my way from 3 seconds after the first boot and therefore gone after the second boot.

7 UAC = Slightly annoying at first but now its only annoying when it one of the times it forces the screen black, locks up any video im playing and then forces a redraw of the entire desktop. The rest of the time its OK.

Link to comment
Share on other sites

7 UAC = Slightly annoying at first but now its only annoying when it one of the times it forces the screen black, locks up any video im playing and then forces a redraw of the entire desktop. The rest of the time its OK.
Video driver issue. However:

Key:   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value: PromptOnSecureDesktop
Type: REG_DWORD
Data: 0

Or you can do it in secpol.msc under Security Settings > Local Policies > Security Options > User Account Control: Switch to the secure desktop when prompting for elevation (set it to disabled).

Link to comment
Share on other sites

All other settings are insecure. With the default settings (shown at the picture) all applications (good aps or malware) can easily execute code with elevated rights by using MS apps included inside Win7 without showing the UAC. This is an incredible security vulnerability.
Rundll32 will not be whitelisted in Win7 RTM. Making use of rundll32 to launch an app that would normally bypass UAC prompts behaving as if a user manually ran the app will not work on Win7 RTM, making the default more secure.

http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx

Link to comment
Share on other sites

@cluberti

the security vulnerability is still there, because only one app with this manifest entry can be used to bypass the uac when the uac is running at the default level. I also able to inject notepad, dwm, explorer and a lot more app to run any code in elevated mode without accepting the UAC prompt.

Mark posted that MSFT knows this issue and will never fix it. Look here for a video: http://nudel.kelbv.com/W7E_VID_INT/W7E_VID_INT.htm and take a look at the demo app+code:

http://www.pretentiousname.com/misc/W7E_So...Inject.cpp.html

Link to comment
Share on other sites

Full disclosure I've been aware of the issue myself and recently took the time to investigate it, but I wanted to hear how others use UAC so I can judge Microsofts reasoning here.

If you go up one level on that site they have videos of this http://www.pretentiousname.com/misc/win7_uac_whitelist2.html

If I understand Secure Desktop correctly, it's there to stop an application from being able to click in it's own UAC dialog box to elevate itself. So I leave it on now :)

The way I see it is it's only a matter of time before these methods are used against us.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...