SUA vs. Protected Admin in Windows 7

Discussion in 'other security issues & news' started by Spysnake, Sep 20, 2011.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Guest

    Yes, that is what I mean; SuRun from within a Standard account vs Protected Admin. My unprofessional gut feeling tells me I'm very unlikely to get compromised this way, but I still might consider changing things, which could mean removing SuRun.
     
  2. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    SuRun was apparently fixed for the command prompt autorun issue, so I guess that's one advantage of SuRun vs. protected admin account with UAC at max.

    I did some web searches for "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" "autorun" report and also "HKCU\Software\Microsoft\Command Processor" "autorun" report. I found some matching malware reports but I couldn't be sure that the malware was actually using this to elevate, as opposed to just running a batch file when a non-elevated command prompt is opened.
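
A defender-side check for the registry value named in the post above, as an added example that is not part of the thread: it reports any AutoRun string set under the Command Processor key, machine-wide and for each loaded user hive. The function name Get-CmdAutoRun is hypothetical, and the script is written to run on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example, not code from the thread.
# cmd.exe executes the AutoRun string from these keys every time it starts,
# unless it is launched with the /D switch.
function Get-CmdAutoRun {
    $sub = 'Microsoft\Command Processor'

    # Machine-wide keys; the Wow6432Node copy is the one 32-bit cmd.exe reads on 64-bit Windows.
    $targets = @(
        @{ Scope = 'HKLM';         Path = "Registry::HKEY_LOCAL_MACHINE\Software\$sub" },
        @{ Scope = 'HKLM (WOW64)'; Path = "Registry::HKEY_LOCAL_MACHINE\Software\Wow6432Node\$sub" }
    )

    # Every loaded user hive under HKEY_USERS is that user's HKCU.
    # The pattern keeps real account SIDs and skips the *_Classes hives.
    $sids = Get-ChildItem 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object { $_.PSChildName }

    foreach ($sid in $sids) {
        $targets += @{ Scope = "HKCU of $sid"; Path = "Registry::HKEY_USERS\$sid\Software\$sub" }
    }

    foreach ($t in $targets) {
        # A missing key or value is the normal, clean state, so errors are suppressed.
        $item = Get-ItemProperty -Path $t.Path -Name AutoRun -ErrorAction SilentlyContinue
        if ($item -and $item.AutoRun -and $item.AutoRun.ToString().Trim()) {
            New-Object PSObject -Property @{
                Scope   = $t.Scope
                Key     = $t.Path
                AutoRun = $item.AutoRun
            }
        }
    }
}

# No output means no AutoRun value is set in any of the keys checked.
Get-CmdAutoRun | Format-List Scope, Key, AutoRun
```

Run it from an elevated prompt so other users' loaded hives are readable; hives of users who are not logged on are not mounted under HKEY_USERS and are not covered.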
     
  3. wat0114

    wat0114 Guest

    That's at least reassuring.
     
  4. MrBrian

    MrBrian Registered Member

    As noted by x942 in another thread, Metasploit has a Windows 7 UAC bypass that apparently works when UAC is set lower than max. The Metasploit website has a page dedicated to it.

    See hxxp://www.secmaniac.com/december-2010/bypass-windows-uac/ for details and download. This uses the same concept as mentioned in post #9.
     
    Last edited: Sep 21, 2011
  5. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    I bet it is :D
     
  6. MrBrian

    MrBrian Registered Member

    None of the malware scanners on one of the major online multi-malware scanning engine websites detects the .exe version of the program referenced in my last post as a potentially unwanted program or a hacking tool.

    According to hxxp://www.pretentiousname.com/misc/win7_uac_whitelist2.html, there are no changes in Windows 8 Developer Preview vs. Windows 7 regarding UAC.
     
  7. wat0114

    wat0114 Guest

    Just another example illustrating the ineffectiveness of antivirus.
     
  8. 1chaoticadult

    1chaoticadult Registered Member

    It keeps being pointed out and will continue.
     
  9. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    There should be! I want to choose whether I want to install something globally or in the current user context! :mad:

    Is Microsoft that brainless? Come on... Why can't I have, say, one browser set as the default browser in one user account, and a different browser set as the default browser, in another user account?

    Is it that hard to understand that some people share the computer, but have different browsers as their chosen browser? If they click a link in an e-mail, it will open the default browser that some "administrator" chose to be his/hers. Why can't the wife, etc., have different browsers as their default one?

    etc..

    If ONE developer made it possible (SuRun), can't Micro$oft do it, too? :blink:
     
  10. wat0114

    wat0114 Guest

    They so badly want you to use their browser :p
     
  11. 1chaoticadult

    1chaoticadult Registered Member

    Exactly, product placement.
     
  12. m00nbl00d

    m00nbl00d Registered Member

    It's a case to say "Too bad..." for Microsoft, that the EU forces them not to bundle IE. :D
     
  13. MrBrian

    MrBrian Registered Member

    From The dangers of per-user COM objects in Windows:
     