Symantec's Matthew Conover has taken a look at the versions of Vista currently available and describes how the new security mechanisms work. Once again, Microsoft has not moved away from the concept that user accounts created during installation have administrator rights. The accounts are, however, created as "Least-Privilege User Accounts" (LUA). User Account Protection (UAP) is meant to ensure that processes only get administrator rights with prior user consent, i.e. when the user's password is entered. Internet Explorer even makes do with fewer rights than normal user processes. To ensure backwards compatibility, the Redmond developers have introduced a virtualization layer for file and registry access that allows a process, for instance, to open and write to a persistent personal copy of the global write-protected file win.ini.
Conover also analyzes a number of weak points in this concept and even describes a number of ways to attack the operating system by having malicious code that starts with the lowest rights, attained from Internet Explorer, work its way up to system rights. However, the specific weak points he used have already been remedied in recent beta versions of Vista.
- Analysis of the Windows Vista Security Model, Matthew Conover at Symantec