Windows 7 Security Savaged: "Allow / Deny" Prompts To Return?
Some days it seems like Microsoft (MSFT) just can't win. Windows XP was generally well-liked for its user interface, but was criticized for being highly vulnerable to malware, viruses, and other cyberattacks. Microsoft responded by making Vista the most secure -- and most annoying -- Windows ever, with the problems that plagued XP solved with constant security pop-ups.
Now it looks like the pendulum may have swung the other way with Windows 7. While 7 has been praised for being less intrusive than Vista in managing system security, it also might be far less effective at keeping malware out.
Via ZDnet's Mary Jo Foley:
Two Windows enthusiast bloggers, Long Zheng and Rafael Rivera, have now discovered not one, but two, seemingly severe exploit channels in the UAC setting that is currently set as the default for Windows 7. The first exploit they publicized (after talking to Microsoft privately about it) allows malware to turn off UAC; the other allows malware to auto-elevate without notifying the user. To date, Microsoft’s response is that the new UAC default is set the way it is “by design” and isn’t problematic.


:
