Microsoft has responded to the recent criticism of the way UAC is implemented in Windows 7. The so-called Windows 7 UAC flaw, discovered by several security experts in recent days, referred to the possibility of changing the UAC level of the Windows 7 operating system without any user interaction.
Microsoft’s response to the criticism is the following:
Recapping the discussion so far, we know that the recent feedback does not represent a security vulnerability because malicious software would already need to be running on the system. We know that Windows 7 and IE8 together provide improved protection for users to prevent malware from making it onto their machines. We know that the feedback does not apply to the “Always Notify” setting of UAC; and we know that UAC is not 100% effective at stopping malware once it is running. One might ask, why does the “Notify me only when…” setting exist, and why is it the default?
While it is definitely true that malware has to be running to change or even disable UAC on a Windows 7 system, it would probably please all parties involved in the discussion if the user were notified whenever the UAC setting is changed on the Windows 7 system. This would ensure that no software could manipulate User Account Control without the user's consent. The best way to implement this would be to make it an optional setting in the UAC controls that could be turned off by users who do not need it.
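Until such a notification exists in UAC itself, an administrator can at least detect a silent change after the fact. The following PowerShell script is an added example written for this article; it is not Microsoft's code and not part of the original discussion. It reads the UAC policy values that Windows stores under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System (EnableLUA, ConsentPromptBehaviorAdmin, ConsentPromptBehaviorUser and PromptOnSecureDesktop are the real value names), saves them as a baseline, and reports any value that has drifted from that baseline. The baseline file location under ProgramData is an assumption chosen for the example.

```powershell
# Added example: snapshot the UAC policy values and report drift from a saved baseline.
# Not code from the original article or from Microsoft.
# Uses Export-Clixml/Import-Clixml so it also runs on the PowerShell 2.0 that ships with Windows 7.

$UacKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$UacValues = 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'ConsentPromptBehaviorUser', 'PromptOnSecureDesktop'
$BaselinePath = Join-Path $env:ProgramData 'uac-baseline.xml'   # assumed location, adjust as needed

# Reference points per Microsoft's documentation of these values:
#   "Always notify"            -> ConsentPromptBehaviorAdmin = 2, PromptOnSecureDesktop = 1
#   Windows 7 default          -> ConsentPromptBehaviorAdmin = 5, PromptOnSecureDesktop = 1
#   "Never notify" / UAC off   -> ConsentPromptBehaviorAdmin = 0, PromptOnSecureDesktop = 0, or EnableLUA = 0

function Get-UacState {
    # Returns a hashtable of the current UAC-related values (missing values come back as $null).
    $props = Get-ItemProperty -Path $UacKey
    $state = @{}
    foreach ($name in $UacValues) {
        $state[$name] = $props.$name
    }
    return $state
}

function Save-UacBaseline {
    # Persist the current state; run this once on a machine known to be in the desired configuration.
    Get-UacState | Export-Clixml -Path $BaselinePath
    Write-Output "Baseline saved to $BaselinePath"
}

function Compare-UacState {
    # Compare the live registry values against the saved baseline and return one object per changed value.
    if (-not (Test-Path $BaselinePath)) {
        throw "No baseline found at $BaselinePath; run Save-UacBaseline first."
    }
    $baseline = Import-Clixml -Path $BaselinePath
    $current  = Get-UacState
    $changes  = @()
    foreach ($name in $UacValues) {
        if ($baseline[$name] -ne $current[$name]) {
            $changes += New-Object PSObject -Property @{
                Name     = $name
                Baseline = $baseline[$name]
                Current  = $current[$name]
            }
        }
    }
    return $changes
}

# Usage: Save-UacBaseline once, then schedule Compare-UacState (e.g. via Task Scheduler at logon).
$drift = Compare-UacState
if ($drift) {
    Write-Warning "UAC configuration differs from baseline:"
    $drift | Format-Table Name, Baseline, Current -AutoSize
} else {
    Write-Output "UAC configuration matches baseline."
}
```

The script only observes; it never rewrites the values, so a standard user can run the comparison (reading HKLM is permitted) while restoring the settings remains an explicit, elevated decision. For near-real-time detection rather than periodic comparison, the same key can be given an audit SACL so that Windows logs a security event whenever a process writes to it.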