On Feb 4, 3:09 pm, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ____/ Investigative Reporter Web server on Wednesday 04 February 2009 22:30 :
> \____
>
>
>
>
>
> > ness...@xxxxxxxxxxxxxxxxxxx wrote:
> >> <Quote>
> >> Researchers have uncovered yet another flaw in Microsoft's Windows 7
> >> beta that could allow attackers to gain full administrative privileges
> >> by bypassing the operating system's UAC, or user access control....
>
> >> "Unfortunately this flaw is not just a single point of failure,"
> >> writes security blogger Long Zheng. "The breadth of Windows
> >> executables is just too many and too diverse and many are
> >> exploitable." ...
> >> </Quote>
>
> >>http://www.theregister.co.uk/2009/02/04/windows_uac_flaw/
>
> > <Quote>
> > Both researchers say they've received word that Microsoft has already
> > changed the UAC behavior in internal Windows 7 builds. A Microsoft
> > spokesman said he was looking into the matter. We'll update if we hear
> > back. In the meantime, Windows 7 users may want to set UAC to "high."
> > <Quote>
>
> They must already be "high" is they run BetaVista7.
The article also said that Microsoft faces its usual problem, if they
want to make things secure, they make things inconvenient for users,
ergo, users do insecure things.
|
|
