Vista's UAC Flawed

Aron Schatz
February 14, 2007

Page All:

Page 1
It seems that the Vista User Account Control 'feature' that was put in place to stop people from using admin accounts all day has some bad features... Anything that gets installed runs the installer with admin privs period. This is terrible.


That's because Vista uses a compatibility database and several heuristics to recognize installer executables and, every time the OS detects that an executable is a setup program, "it will only allow running it as administrator." This, in Rutkowska's mind, is a "very severe hole in the design of UAC." "After all, I would like to be offered a choice whether to fully trust given installer executable (and run it as full administrator) or just allow it to add a folder in CRazzrogram Files and some keys under HKLMSoftware and do nothing more. I could do that under XP, but apparently I can’t under Vista, which is a bit disturbing," she added. A few days after Rutkowska flagged the UAC shortcoming, Microsoft's Mark Russinovich wrote a detailed technical explanation of the way the mechanism works. One thing that stood out in Russinovich's explanation is an admission of sorts that the default configuration of UAC puts the user at risk of a sophisticated code execution attack.


Medium Image View Large