Vista “Hacked”

August 7, 2006

A researcher at the Black Hat security conference showed how to hack the new Vista OS. Admittedly, the OS does warn the user about the potential threat, but as long as the user has admin rights to the machine (which most users have on their own personal laptops or desktops), the OS lets them execute the code.

“I just hit accept,” Rutkowska replied to a question from the audience about how she bypassed UAC. Because of the many security pop-ups in Windows, many users will do the same without realizing what they are allowing, she said.

This gets back to my previous post about IE security. Simply warning the user isn’t going to cut it. And too many warnings are going to make the user do stupid things. I hope MS can come up with a better approach.

Read more here.
