We posted about our concerns with the possiblity of the Windows 7 UAC setup being broken: Windows 7 UAC is Broken?
Well, the authors of that blog post have gone on and demonstrated the vulnerability in a video:
- i started something: Windows 7 UAC code-injection vulnerability: video demonstration, source code released
After watching that video, there is no real reason for an SBS domain to have the UAC setting in Windows Vista turned off and Windows 7 UAC slider turned down.
- MPECS Inc. Blog: SBS 2008 - Enable UAC by default in Group Policy
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book