|
|
|
Windows 7 UAC Is Ineffective Security Solution for Malware, Sophos Says
By: Brian Prince
2009-11-04
Article Rating:  / 6
There are 8 user comments on this Network Security & Hardware story.
A researcher at Sophos reports putting Windows 7's User Account Control feature to the test and finding the technology failed to block numerous pieces of malware. Microsoft, however, stresses that UAC is only one part of Windows 7's security.A researcher at Sophos called the UAC feature in Windows 7 ineffective after numerous pieces of malware snuck by the technology in a test.
Microsoft first introduced User Account Control in Windows Vista to improve security. After some users complained the number of alerts it generated were annoying, the company pledged to cut down on the number of prompts in Windows 7. The move however has raised concerns in the security community, and Sophos Senior Security Adviser Chester Wisniewski said his test proves Microsoft took it a step too far.
Wisniewski wrote on his blog Nov. 3 that seven of the 10 pieces of malware he tested ran with the default UAC enabled in Windows 7 without generating any prompts. As part of the test, no antivirus software was installed on the system. Two of the malware samples did not work in Windows 7; of the remaining eight, only one generated a prompt, and that one still would have been installed had the user clicked yes, Wisniewski told eWEEK.
When asked about the test, Microsoft officials pointed to the other features of Windows 7 that have improved security.
"Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware; this includes features like Security Development Lifecycle (SDL), User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP)," a spokesperson said.
"Windows 7 retains all of the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released," the spokesperson added. "Coupled with Internet Explorer 8which includes added malware protection with its SmartScreen Filterand Microsoft Security Essentials, Windows 7 provides flexible security protection against malware and intrusions."
Still, Wisniewski noted on his blog that UAC's failure to truly block more than one sample reinforced his warning prior to the Windows 7 launch that the feature's default configuration does not ensure protection from malware.
"Lesson learned? You still need to run antivirus [protection] on Windows 7," he blogged.
| | Reader Comments: Windows 7 UAC Ineffective Security Solution for Malware, Sophos Says | | >>> Post your comment now!
| | Here here!He has a financial interest, but also need more hits on his blog, so now he got them.
Next someone from a fire extinguisher company will set a... Posted At: 11-10-09
By: Dimitri of Course | | | | | | A user comment on this articleWas the test performed under the recommended standard user account or on the less secure administrator account. In my work I have seen Vista with a... Posted At: 11-07-09
By: Anonymous | | | | | | A user comment on this articleThe main purpose of the UAC is not to block malware, but to shift responsibility for malware infiltration away from Microsoft to the end user. The... Posted At: 11-06-09
By: Anonymous | | | | | | A user comment on this articleThe person cited in the article has a financial interest in generating FUD among Windows 7 users to get more people to purchase his product instead... Posted At: 11-05-09
By: Fred Morrison | | | | | | A user comment on this article"UAC deal with APPLICATIONS, not malwareIdiots"
I bet you don't understand the definition of application and malware and the link between each... Posted At: 11-05-09
By: Guard-A | | | | | | UACObviously, Sophos, Julie nor thousands of other 'literates' understand the mission of UAC. Better read the White Paper/documentation from MSFT before... Posted At: 11-04-09
By: Dave | | | | | | A user comment on this articleYou mean Sophos , the British anti-virus with its pathetic user interface ?
Sophos produces many false-positive and its comments on Win& UAC is... Posted At: 11-04-09
By: Carol | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
�������xr80�VӮc�]mT!rYST婎PP$$M�{%Ο�� 7](vuϖ˖�"Ld&�D��?;;~$rɅklJv9�;�D;;?.ԇP|oQP�o�2t}R �
�tӌ5v��:!�M�����>�;|�/s=NN5��%�j'aCkc�FcW�2ű5m2�f
�E1;'
}=B �~5;�6m��(GJ��{8�K��E!@�C�oQuB)~{
Cw*�Nul9�Q��)+Jt/"(?F#&�c-4qwN�̚?0/Pcw��Ҵ���v[*v�_eߌڭAx)�B(��#�bF�]߂�KCI%�qؓ&thluD`YRi 3�LmfCÑcWPpmׇVsTq3#}j�ݷt{�#�ԷF@:S�1)��æ�'I/#!_TBRp`�F�GJ
V�#vRA'�ס"�'�l_k|��uv3< 3~3 CoZeNDj%o�~�cn!Lj�Z�E&>�5
ؗ�Y͢`F3l˸-:4
PS+}(Z�}rL>-g`TzEÝ5�훏Εiѻ]�H�QPw;@
VVa(.:^O.ac'H
Hw&�V)��UjT:( Ԙ8r��`�rM7Jq߹p~y)ڡVR]F[V@a`%�pfQUe�>e}}uI}|vti"|g9̠j�PEf�+%�2h\uܜ<_st.O7=rڽ&'ϝv�Y; �i
Og�fɟk*}kCp5��'{:$?LmrG��,���.i�TW%�᧓qULBusL
,ߔeBuֿ8'�} ,�-�)Ttܿ��G)L,Y`M����Imdʩ�$|Ǻ�z�N��ԜYu^:`K�7B��S��I3Q8�n�ZK}0�[RF&�\� Д��Q�C|dMa�b&DJH?�є6-`i{/��(AK/�
ڊ�5|*(if);�/3 �BD4?CzC���0!pJn|?
[�Z&�чfmќ-Ӆ�]WcL^cL
.Cuv}BzW^�?]{և6LqD18�,0]ev|`\�on:j~b:Va�**r[T�Qn�ʼnl�:2X�
jXR7HaQ�p:� 0h��vS�Oiͦ89y��t$�AG61^�zK
ucb���>'ݸä��wX�(}Zc�Og6�/|�\a��֔�^탉�i$�i��-D�@wM0I�e+�f!S uG �νdrg�oMA�(oInP��X^0 vji�q�Hp�yY?���B]uCb賀B�=���`MkweC���93(��u�%w2R}g9>�] #RRR$S$!�hI#r����
Bг�,`@o%`G`[wgw$]Vi+RaD4�T*nO�u$cwV*�2ڹLX)gQY,p[/)�͙J2d0e Q=b`&�Qea*0pRx5Rn.ZU�٦ByQ�i$w&]YW�U!}jʋ3�6��ˁ)t�3#ϖ�Π�Gx�lj?DŽ��\=ۣeX��BӽB11
�A3u�OP#'4���;3Wu9Z{[N/=�\҇14gJ/ι_o2MS�|T�n^ßf�1���_w\ճ&AB
�glCC�1{�ڡPXfeuE��$ciy�:
Y�4���hS\ESkHb4"*paBX�a0
S]�JU�lQԼ;��V�4:E�80�GeCf+[ꯦ��T+�pzۻ(�Sg&�;Ql�˘@/-�#���1$6/Pk�
.a@C��%)& S^a\FB�k��
ZCbP&ܔwц.�[�XR]oXL��+*�9G�qϟ��
sFWyQFfYa0K�ykR^K'VUJj5J.wq�)4G
@rF�g}qs`ћxoũ1F�tE��Jo��u�>tɕK-ޫp c.Z$ c`W��.�_��k�OW�rB�[��'��ʂX
�hO7`sk'(��k�=0E��CV8!��H�*�7hVІ{e�gjڳt_KtwT �|qCJhB�"0�u/eOTu)U,jl�T�`Z�:�-,�H+���
�c44}�
��:*zIe߯Y_�c7g!h�"QkF&:�FdHCtΈ+6RNT:) '�8՟o�F*�ϛ=G$1�*@7Z)��
E�4~�JEW>675/J1�p]8�?C�,tljy��0:g|�}+�ZQFn�ķ(AD1�ϫ
/��jSh���tUMP}2�YhSYpg#ؚIu�LٔY�6J�L�sݿy�Wj�=z{Gq;Y qLW!SB�9�^% ��ɹ%w��AVN�ZPn3i`�e|P.�_͛>9lv'<�
hr�õm��7f��D��v?)�sc{qO�f?�]ou*�Z-Y��i
r=ct��e�>u1�Gci��}�[U�ה1�Ze�ɲ7)Ь6�V�#�iA/�]fRvQLlvLTSdT�RZ|bZ�.3zX�z+)uzhE5�&Q�rM�E
7uGM4:VH'!I�(uO(Ke嵤:i1RʵRM()BoE�D\vOJZbmM�
��lJqZAK�τkx~�E�6-2j=kR/ԕK��Oe%3Eq1�8@X=x}�d6
G�j+jBgyr�`�3O?f#[i�Yy�Vum4ItH�"5Hq+�$˴%I?N�����0QtA�*ƾD�.CGTTWFo�oy!A"7S[�U�ts��UI�P5�]�Uj; s��4�G\�0BR��1|ʢ'r ]N7�.�_VZi�va�^�`| @`'d1s<ɷo�njC�<: +�An)ɡX�XD�>QkfR{e"��nkR2/ȷ��էݽ]VWv��/(0�h_�hCm�M�0:;bd}g]ItMv@J�ۇ>^E��1a� W^^����fCr|8)��z{B�vi�Թ~~<:��m~l1�9zˁWM$(��X�q�,I!ͧ^Y�{{:9\~y�m}ڏ"4�-o�d�hF4r��ECR|{�y-{wD�s9A� n2H·�,�O!yۭFS�̠�o2X�G|��0<㥑a3WDH[�h`�I3�TυUs>\zF_j,49Eψa6�J4Z��!Β#s�}u�YLPH:X!�a��P��H��R
~tIwu��.V_$�@Anp�Kz!NU��Hy*e4��e5:)K<;i�w[)x�5[;E_W%'k;
eZ-g[M7S+tY;GD_q-�s��z<~��\2Z9ntL{��>6�Bj?$Y^3_��{�o�E5p�XIS"�9oթ-ݱi'>�eax!wl q�%ӝr*f BٸEO[,,m��Ss8S��< �AGJ脚bye5-�e3O5NR�MLC]�OC/��$�;�+B6Tzs �go�SÚ�mfy�jt.>l6V"9GG�X:[
.VH0_Ӹ\bw[D XY�+o�x�etװ>CT䵴�f[YUHO~�'%��6
X�TzH0�Hr倜�b{~�U߯Il{;u,#�(���9#7:;NjG��9ʼS�3`(�u�+KׅN�o-�W�3kyR̵jПd#�ᛷ
6n�2'|2JO�$hבּ�~QϜ��tGov/zfC�F=foݷ$v'ۻw�}wq*ApC�-3�����'Kmh[, 'T76_�PӨQ��4��=X{�+stbL��Cp�,KJMLjqCw�E
;y
zw^�؛U0&&"oT w��7,,��ZvUe"hw'fo6�S̼G|I�d(,���3&PZ.����;8Rm'eS`=
tI���]]��61˃|K}w�kB[�f�f�xtw�9"NS6|p,uYD:n9�f!Ԏ#Ȓ�m�`nj5mZR1th�}t�R�Զj췖+V�V�URrX+qX_��V%\S>,HEkQ:��=ohڦQ~:o#\?TN���XMt�+���R}X1�&꾢"á�@��D Q8H@�;/M�/n?mm*/QF�F3*چC\;��2`l�4�$x>fVHW�%.��Xw7�y*�+;�y�#7E��!P�rK[
ا[1e�#˯D7-Bk�:7�ڋ_]lݟJoSʃO
ە|P4hD5^�$pH
��pb&}m* h=ͭr`W�*%�c6x{��]:q�AF�`yƤ:\.]�=�Wz��M�{�s��z�"j��D4Xz˞w=0,�Msm����r� A��K���!<��Mqmn7#�p,�Q|]r&:�kJX5U}}#��5d ԊtB`h0YnKWl*ݒB�sxBx{q
�����ִY`[ܛUͮh�Nj
-N{rĕk�z���Q1:L}qI�L�3�w[Ys++Ƴ&`]�[=t7"�! (#�j�X$�:AX\�p`D�IS��)�h>�1<�^
Ǝ�h�o3"{A۴Vx{�7i�3�`�Wul<_�/F5y0�mum-6bVԽ�敲4V
-_?�'];Am�Aɼ#�Ь$5VfX)j%M"q0M?��+┉fai��%3_&�H5P���"YF"���)z`X9kҽ9>u]̫g�;2(PAZx_ڋKۨ_�ˎ}KrC��Z=;�hO7f�>*b1D�bX�Gj���OQ5F)O.z��f��Dtunq�v�6K.{�[�A�'rp�"itcO{
es�^7>k_A'-g��YΞëF(|J��xl�f'QYH�:-A�[�^z?�i�S�ΰ6$o�,Se�ͦ��l1a�6��:&M_NRџSwG~��SxMTǏ;"'k~;;ѥ#٧0����-dH&��D#ঐ_N9W?��o�7N �@vxr7=!?H�_Urc[A|�qSSE~;1W-�f�8�ɠa�b��EO4�#z.�@�]o���P] TmS_N|C�g�_D��a�+�aV?Ʈ"��Jf��ad�$ƽVl�E߽gL�l�GMmMCl @�jQ�&flZO�'p.4XDJPa �o`q��K&5\Iee3-�Ou{�(^<ΙTh,ZNtGTĥ+�c.эZMWK.��K\G"��*ߕl��W1
{BZ�Ļi�椷 �O=#T0Y|�HU%
&
0Zpi1~y
z|ems|_YM13bmC5�0^�fB}]�{y
ֵ/mLteV8Ow|
e.f�I&37{u2��C[wnĞܐ��s�mQ�Na�c,9h7o,n�J6H�@�!�ZM�2Ӱp-S|
Y?�NReF��̛i�R
?ZIjЋP^Csw'.ؕպԴzY�ܧF(++Ɋ���EZ#�Cta�WK\� ړv�̝5W*ZTf0oHZ3X* E�L�%6F�,�W飏ji+�TJ M�?;�-剔9J ''��W�q�\o7�z�8y�ABhX`\�GLa
�� xo/�5!o�I{m��>9<ű;�>1
Hۡ$Z[dн<#��P]�_ayZܾ\`{qİ̎+�66Ƕl�vn|DOS�)q<�>3�K��$@$=bf<濽#RF¯R�^�f�FܞUk"@�*1Xt1Y�jJGh-;P�=M�_cB~1@>�W'��n�yVmIz .�kx�>aO�R>hueaj+;Yא5�n�U@�8AnK�elm6
�~e��}�eM&`�Cq9r�t�7%eZS[�ٓ["8�G�֣/�|�T�3/b3-Ѩ#�^�>I�11K=
o~{@\�q
81q�,ގ�E|E|z['Ae}�>l1aEhb#���^)
��`v#CsN.7v߾@,;C}m!���y;��� Eit�ofq>G�6�R+�Qwga��-=�qeL\-@к�lŧtS)F|1[GB(TK��Α,R~k47�/{ʾR0F$u2��C:���Z�A�h4iED#Rhb��GDcM /�nrn[ք ᑰ
�5"��
B
p;%HJ
1шb�#c�7žӖ�{(m��we~�t:&���Z!n5Kf�ltQQ({b8M�u?3�,ȏJWHmݜ�(�8���zy�P��h$`x=9~ie�ta~X{��dO (��
�@Ka1c�~Po֔J$2
>�(%>g�ٕa)걪VR�?c�P�w^7e|s=M镬B*9^���Ȉq�;�ZG��L،\�ݹ�N|
+Q^e9DM@_o&LlW?&z
[''^O˧VֆCYCW'>;uIc:�jS#�[}uR��B&7�b�S>o�I]hF&5/m�;9B9P~�)By7�9�hp)?@�|OPiuY<.�r_'\C;9+4?rʿ@�<�>v͋�/r��y�9�\��"?/?/r�e2�P9�r�)r�˜�̑K�˜B9.n~�+S�:z/���_?�}P9�g�@M^9M�@79�_zy�[9rֺ
۩�QNyw�槴I��x崝#&J2W喛O'i��kz(#s<2g.�g}=*
u�=�}٘?�QǒGЬ��]#=D)�s�ҟ\2fA�<�'ԎnOAr^Ew�MwҮ[0�/:)7.p{Zӛ��ڎwڝGfeDd;�w6�K췡^^֪_p3��lc}k��;}}:�\>Cg6m'[��*8z:S��
��?,R�|c ,>x��0�vڢ{�ꑜ�.+
76�"u`�-� i7�Jղ�VJZ8qG;F"ð���{�$&4v�XW5rF(x�e��h�[i2�oVS�y�Vi8�n[z?�"z5��>�[xc6D{�+c�AV73�/��~*_�v3*m��(G2�)�21�s1@͝eN&u1*j6d%q<``����>&�\ʠaCojYb�J;�cp��\;�l�=4 gj
Y(}by0\9�hwx�2OI)ĪG�9Шscwˡ�;~t{��
T�z\ 7oJ/ݳ�x��K�Q,V+ ��k`Ver-�c6O-�5U,%OB;P@K�`{slg"�X)43Gw( �8�[]^L�:χ�qm�X<�ap��N]$�d
��W ޙ�n'qgvЕZq刾��xL´kD7�v�m�Ĵ�`O҂㣍A�ֽ��T#iZc7"9ݜ�ţ2aс(Y�c{XmD8k9t}�y
�ůD|݆mwoٚ\�ؓ�6w1�d`6Nώ�;]:��uu;Вߧ�/T�B�#�,tJ<~�;" ?��c[Ȥ�IdL��~1~-�pIi���`^f�ƽP\�ul70H-��t{z [8=v�`��&�G�S ?[��KGJL�EN�$~
��܂9�0r^���]�ɡ=�F�$>}T.I
�sE�yב�y,&Jh݄�B:Ʉ4s}�M)˯>�mI�1¢N˭n犱Lԛ�Zd�L7�A����f�&}#K�m��cT��F\�gȌQ)x�W&K:S3U)֜��/gз��d쥽%�}Yq ��v.}��W_OwD.M$Cb9G$]!
""3`A�0^|e�D$u�
�FϨn��ob���Am'{;*lٹ�˜2J1Д8ٶ2#OA3r
ϭ�e[� |kc'p�g!-X�0���n=ձ]w
�O`7@#>&�rd{Ko�^kSsL%^�cHPWϗݜ����Xo|
8j�O.�d�6�C|�gKo��
9@/7A{?J��B ϱ{1ng`�SwDl
.7�(�./]$
xWa.*e;1KMP`�O3�M�|B��p�#Q��*Ү��x�9kK@0mѥhOY�m0o6`��/#]Ǟ':K$~Al=b�Ҷ\)V�cʅ.-S�ܟ?Ba��҃fFH/�X��(K#�Lw]�n)ZF��1u��BR�(a��t L?:?c9VIٶ�7G,cհ�¶u4m���/l+�7�W
��/߶�7qݼgmE>m+�Ѝ��O|3'�ȱ��b@xϖ��έ{~k�#'>�g~wxur!}/ő,,�L[˅OىB�WѰ0�L;,lqED%e��2JACb
0F
��c:e�brYMS
cJ\g'�ۂ�~�Ӎ+G�S<"Y<.ǮL_�xW%L+DzU\�Z
12Mo,/`kV�"�K�y�'EQ�C��s�3=�|ל �r?qm�r�?{���]9,M��clR�c9af�r[�*0V_�k��A�k�Le�U��|tCGYEL`&;]+ N*t&vж?g8
a�cL
1L\H,R�.�7Wv!{�ZyƋ�|�_E>�ODNű<<�Sf}')`�|3
|
Network Security & Hardware 
