UAC vulnerability found in Windows 7 Beta
A simple script published by developer Rafael Rivera uses a weakness in the current Windows 7 beta to disable User Account Control (UAC). In response to complaints about UAC in Windows Vista, Microsoft has made UAC in Windows 7 ask the user for permission less often, and it even hides prompts when users change Windows settings. Because the default security level has been lowered, changing the UAC system settings has become a lot easier for users in the new Windows 7 beta.
Rivera's script sends keystrokes to the UAC settings dialog and reconfigures UAC to a lower security level, or disables it altogether. The user receives no warning and is simply asked to restart the PC for the changes to take effect. The script is currently a functional proof of concept.
Blogger Long Zheng has said that Microsoft denies this is a vulnerability and has advised that it will not be corrected in the final version of Windows 7. Microsoft's position is that for the malicious script to run without the user knowing, it would have to be installed on the computer already, in which case the PC is already compromised. The argument is not conclusive, because the script does not require administrator privileges and the user does not need to authorise it to change the settings. For the script to work, according to Zheng, "the user must be in the “Administrative” user group, and not in the “Standard” user group, where they will be prompted for an administrative password."
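The conditions the article describes (UAC level, whether prompts appear on the secure desktop, and whether the logged-on user is in the Administrators group) can be audited from the registry policy values and the current token. The following PowerShell script is an added example and is not Rivera's script or anything from the article; it assumes the documented UAC policy values under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System and a Windows 7 or later host.

```powershell
# Added example: audit the UAC settings and group membership that the
# silent-reconfiguration scenario depends on. Run in Windows PowerShell.
$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$p = Get-ItemProperty -Path $policyKey

# Documented meanings of ConsentPromptBehaviorAdmin for Administrators members:
#   0 = elevate without prompting
#   1, 3 = prompt for credentials
#   2 = prompt for consent on the secure desktop ("Always notify")
#   5 = prompt for consent only for non-Windows binaries (Windows 7 default)
$enableLua   = [int]$p.EnableLUA
$adminPrompt = [int]$p.ConsentPromptBehaviorAdmin
$secureDesk  = [int]$p.PromptOnSecureDesktop

# Group membership is read from the token's group list rather than IsInRole():
# under UAC the unelevated token carries the Administrators SID as deny-only,
# so IsInRole() would only tell us whether this process is already elevated.
$identity     = [Security.Principal.WindowsIdentity]::GetCurrent()
$adminSid     = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators
$isAdminGroup = [bool]($identity.Groups | Where-Object { $_.Value -eq $adminSid })

$findings = @()
if ($enableLua -ne 1) {
    $findings += 'UAC is disabled (EnableLUA != 1).'
}
if ($adminPrompt -eq 0) {
    $findings += 'Administrators elevate silently (ConsentPromptBehaviorAdmin = 0).'
}
if ($adminPrompt -eq 5) {
    $findings += 'Windows components elevate without a prompt for administrators ' +
                 '(ConsentPromptBehaviorAdmin = 5); changing UAC settings is silent.'
}
if ($secureDesk -ne 1) {
    $findings += 'Prompts are not shown on the secure desktop (PromptOnSecureDesktop != 1).'
}
if ($isAdminGroup) {
    $findings += 'Current user is in the Administrators group; a Standard user ' +
                 'would be asked for an administrator password instead.'
}

# Hardened state for this scenario: EnableLUA=1, ConsentPromptBehaviorAdmin=2,
# PromptOnSecureDesktop=1, and day-to-day work done from a Standard user account.
[pscustomobject]@{
    EnableLUA                  = $enableLua
    ConsentPromptBehaviorAdmin = $adminPrompt
    PromptOnSecureDesktop      = $secureDesk
    UserInAdministratorsGroup  = $isAdminGroup
    Findings                   = $findings
} | Format-List
```

An empty Findings list means none of the conditions the article relies on is present on the audited machine.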