Windows 10 UAC Bypass Uses "Apps & Features" Utility

Discussion in 'other security issues & news' started by itman, May 23, 2017.

  1. itman

    itman Registered Member

    https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-apps-and-features-utility/
     
  2. Minimalist

    Minimalist Registered Member

    Another built-in tool exploited, with mitigation similar to that in other cases.
     
  3. guest

    guest Guest

    Blame MS for putting users as admin by default, then blame stupid users who complained that UAC on Vista was too restrictive and "annoying", which leads to the actual weak "Default level" UAC on Win7/8/10.
     
  4. Baldrick

    Baldrick Registered Member

    UAC has always been somewhat suspect in its efficiency & user friendliness...which is why I have never, ever used it...with no ill effects.

    But then again, I do use VoodooShield...;)
     
  5. guest

    guest Guest

    Based on your understanding of its purpose, which I guess is that you consider UAC a security boundary (which it is not).
     
  6. Baldrick

    Baldrick Registered Member

    Please don't presume to guess or think that you know what I understand or what I consider...that is extremely arrogant of you, and you are totally wrong.

    Over and out!
     
  7. guest

    guest Guest

    My assumption is based on this.
    FYI, VS has nothing to do with UAC...
     
  8. safeguy

    safeguy Registered Member

    On admin accounts, there are files and services running with admin/system privileges on the same desktop with those running with lower privileges so there will always be techniques to bypass it, some of which even work on the "Always Notify" setting.

    This doesn't mean one ought to disable UAC. It means one should use standard user account for daily usage.

    https://www.bleepingcomputer.com/ne...nt-of-all-critical-microsoft-vulnerabilities/
     
  9. guest

    guest Guest

    Basic best practices.

    There are now no valid reasons not to use SUA, but guess what? Some will always find one :D
     
  10. Rasheed187

    Rasheed187 Registered Member

    This has always been guest's problem when it comes to UAC, he seems to think that when people say "UAC sucks", they don't understand the purpose.

    The point is that VS will keep the system safe, without the annoyance of UAC.
     
  11. Victek

    Victek Registered Member

    If UAC is not a security boundary then what is it?
     
  12. TairikuOkami

    TairikuOkami Registered Member

    MS said it is not, so people are just paraphrasing it, though it is obvious that it is able to stop a number of exploits and malware, when set to max of course, even WannaCry to some extent.
     
  13. summerheat

    summerheat Registered Member

    Well, I think it is, at least if it's set to its maximum level. However, I think that using a standard user account is definitely the superior solution. This is what I've been doing for years without any problems + SRP. I can't understand why most users don't. And I can't understand why UAC is called an annoyance.

    But hey, I'm mostly running Linux anyhow - so what the heck.
     
  14. Victek

    Victek Registered Member

    Yes, I'm aware that MS said UAC is not a security boundary and that people are repeating it, but what is the point of using it if not to improve security? There is none as far as I can tell.
     
  15. Minimalist

    Minimalist Registered Member

    Convenience tool. A standard user account is a true security boundary; UAC is there for convenience reasons. Both improve security, but SUA improves it more.
     
  16. Rasheed187

    Rasheed187 Registered Member

    The thing is, it's mostly meant to block exploits. So because of the fear of getting hacked by some super exploit that will bypass all of your security tools, people are willing to click on thousands of UAC alerts a year that are triggered by themselves. These are the so-called "expected alerts", but you should be wary of the "unexpected" ones, even if it's likely you might never encounter them. :D
     
  17. cruelsister

    cruelsister Registered Member

    Tairiku- Actually WannaCry neither requests nor needs privilege escalation to mess you up. So even with UAC at the Max one will be very, very disappointed by the results.
     
  18. summerheat

    summerheat Registered Member

    What? Granted - I don't run Windows all day long (as I'm a Linux user) but whenever I do I don't see any such alerts. I mean, why should I? By browsing the web, reading emails, starting Excel or what? Certainly not!

    I don't know what you're doing if you're getting that many alerts. Probably by playing with some unnecessary 3rd-party security tools :D:D:D
     
  19. Minimalist

    Minimalist Registered Member

    Exploits are only one problem where UAC can help. IMO MS introduced this to improve the security level of the admin account because they didn't want to "force" users to run as SUA by default. In the end it doesn't solve the problem of dangerous users, it just improves security for careful ones - just like any other security-related tool.

    P.S.: with millions of clicks conducted a year what is a few thousand more? :)
     
  20. summerheat

    summerheat Registered Member

    That's why I suggest UAC or better SUA + SRP. That doesn't fix vulnerabilities, e.g., in SMB but reliably prevents infections, e.g., through email attachments.

    EDIT: ... unless you execute them with admin rights, of course ;)
     
    Last edited: May 27, 2017
  21. TairikuOkami

    TairikuOkami Registered Member

    WannaCry encrypted all my partitions except those protected by UAC.
     
  22. Peter2150

    Peter2150 Global Moderator

    guest, I don't disagree with what you are saying, but when you say "no valid reasons not to use SUA" you hurt your credibility as it simply isn't true.
     
  23. Peter2150

    Peter2150 Global Moderator

    Yes, but there are other ways to protect all the partitions without UAC.
     
  24. summerheat

    summerheat Registered Member

    Since Windows 7 there are none, IMHO. guest is right here.
     
  25. Rasheed187

    Rasheed187 Registered Member

    LOL, thanks for bringing this up, probably this is why M$ isn't calling it a security boundary. After all, if the user wants to run some tool, a UAC alert won't help, and some malware doesn't even need administrative rights.

    Guess again, let's do some math. Running Process Explorer 10 times a day = 365 * 10 = 3650 UAC alerts. :D
     