I'm not sure what's worse: That we have to spend so long to convince MS people that remote-code-execution vulnerabilities exist (duh!) and can be made worse by combining them with a silent, instant UAC bypass, or that once that obvious fact is finally repeated enough times for it to sink in, the response is always the same: Silence.
Besides which, WTF is the point of the UAC prompts, secure desktop, etc. if MS are happy to ignore a trivial (2 days to research and write from scratch) bypass mechanism which was raised four months ago, back when Windows was still at the public beta stage?
(Ignore, I might add, without even bothering to get the full details of what it was. To me that screams, "We know this feature is now just for show and we thus don't care about any issues people raise.")
Meanwhile using standard user still sucks and will be considered unusable by most people, because MS's private UAC-exemption backdoor only covers up the same old badly designed, prompt-(about-prompt)-spamming code for admin users, and third-party apps suffer under admin accounts for pure security theater.
It's crystal clear that the new UAC setting/default is an attempt to appease the complaints about Vista's UAC prompt-spamming -- a good aim but a terrible way to go about it! -- without appearing to go back to the bad-old-days of XP.
Yeah, if you make it so users see the odd UAC prompt for other people's software then they'll feel like they're secure, even though by default the prompts are now worth no more than a MessageBox("Are you sure?", MB_OKCANCEL).
(UAC itself isn't worthless, of course, but the prompts are at the default mode.)