[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
- To: Stefan Kanthak <stefan.kanthak@xxxxxxxx>
- Subject: Re: [FD] Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
- From: rai@xxxxxxxxxxxxxxx
- Date: Thu, 22 May 2014 08:32:24 +0000
On 2014-05-21 16:26, Stefan Kanthak wrote:
3. You think Windows' "user account control" is a security boundary.
UAC is but NOT a security boundary:
<http://technet.microsoft.com/magazine/2007.06.uac.aspx>
Microsoft tries to sell "defense in depth" to their customers since
they
started their "trustworthy computing" about 13 years ago. But they
still
create administrator accounts during Windows setup, CreateProcess()
still
has the idiosyncrazy to execute C:\Program.exe, and the WHQL
certification
still let drivers pass which execute C:\Program.exe during installation
and
operation.
Microsoft has been clear on this point, even from Vista as an old
Symantec report notes:
"This message has been echoed by others at Microsoft in response to
vulnerabilities being discovered in
UAC. Microsoft’s message is that UAC vulnerabilities are not considered
security issues, as UAC does
not provide a security boundary."
and they
"observed that the User Account Control can be easily disabled
manually... via the Local Security Policy tool included in Windows
Vista."
http://maker.fea.st/Symantec_Security_Implications_of_Windows_Vista.pdf
(pg. 10 - more Microsoft references there)
--
rai
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/