Windows 7 UAC vuln not a vuln, MS repeats
When is a Windows 7 vulnerability not a vulnerability? When the malware that's been written to exploit it can't be installed without the user's OK.
That's according to Microsoft's Windows core operating system division senior vice president Jon DeVaan, who felt moved to post a lengthy blog standing behind the security of Windows 7 and - particularly - User Access Controls (UACs).
He says there's been no report of a way for malware to make it on to a Windows 7 PC without first getting approval from the user. So far.
Curiously, in spite of his defense, Microsoft told us it has updated the Windows 7 code that will go in the final build to get around the UAC problems that have been raised.
What problems? Windows bloggers Long Zheng and Rafael Rivera claimed to have unearthed two flaws in the Windows 7 beta that could allow an attacker to gain full administrative privileges by sidestepping the UAC in the planned operating system.






:

