Full Disclosure mailing list archives
Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
From: rai () openmailbox org
Date: Thu, 22 May 2014 08:32:24 +0000
On 2014-05-21 16:26, Stefan Kanthak wrote:
3. You think Windows' "user account control" is a security boundary. UAC is but NOT a security boundary: <http://technet.microsoft.com/magazine/2007.06.uac.aspx>
Microsoft tries to sell "defense in depth" to their customers since they started their "trustworthy computing" about 13 years ago. But they still create administrator accounts during Windows setup, CreateProcess() still has the idiosyncrazy to execute C:\Program.exe, and the WHQL certification still let drivers pass which execute C:\Program.exe during installation andoperation.
Microsoft has been clear on this point, even from Vista as an old Symantec report notes:
"This message has been echoed by others at Microsoft in response to vulnerabilities being discovered in UAC. Microsoft’s message is that UAC vulnerabilities are not considered security issues, as UAC does
not provide a security boundary." and they"observed that the User Account Control can be easily disabled manually... via the Local Security Policy tool included in Windows Vista."
http://maker.fea.st/Symantec_Security_Implications_of_Windows_Vista.pdf (pg. 10 - more Microsoft references there) -- rai _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe, (continued)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Tavis Ormandy (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Reindl Harald (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Michal Zalewski (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Stefan Kanthak (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Reindl Harald (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Michal Zalewski (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Mario Vilas (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe coderaptor (May 22)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe rai (May 22)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Michael Cramer (May 22)