We posted about our concerns with the possibility of the Windows 7 UAC setup being broken: Windows 7 UAC is Broken?
Well, the authors of that blog post have gone on and demonstrated the vulnerability in a video:
- i started something: Windows 7 UAC code-injection vulnerability: video demonstration, source code released
After watching that video, there is no real reason for an SBS domain to have the UAC setting in Windows Vista turned off and the Windows 7 UAC slider turned down.
- MPECS Inc. Blog: SBS 2008 - Enable UAC by default in Group Policy
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)
More videos from back in February, exploring this issue in more detail, on my page here:
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html#videos
(I wrote the proof-of-concept code and 'discovered' the issue.)