UAC (User Account Control) discussion thread

Discussion in 'other security issues & news' started by MrBrian, Jan 3, 2015.

  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    If you do switch to LUA, it might be easier to create a new admin account, and demote your existing admin account to LUA, so that you don't have to redo too many settings.
     
  2. guest

    guest Guest

    Thank you. :) Yes that is what I did in a few attempts. But since apps can't write or even run without elevation, these are kind of preventing me to go all LUA.
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You're welcome :).

    What I do is in post #5.
     
  4. guest

    guest Guest

  5. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,380
    Location:
    West Yorkshire, UK
  6. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,244
    Location:
    Southern Rocky Mountains USA
    I generally have to deal with this on an app by app basis. It is almost always a data folder or .ini or .dat or or other data files inside of the program's folder in the "Program Files" directory. I have to change the file permission from "read and execute" to "read" and "write". Newer windows applications tend not to put their configuration and data files in the main program folder and I've had less LUA compatibility issues with newer software.
     
  7. guest

    guest Guest

    Indeed, more modern apps usually put them in AppData Roaming folder. But I had to use these ye olde apps, dated back up to Win2K era. :(
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    The issue in post #22 was fixed in Windows 10, according to a May 4, 2015 post in thread UAC Bypass.
     
  9. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  10. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I tried the POC from the last post on Windows 7 x64:
    a) in admin account with UAC set to default: got message "We're UIAccess" without UAC prompt, apparently indicating elevation of privilege.
    b) in admin account with UAC set to max: got message "We're UIAccess" without UAC prompt, apparently indicating elevation of privilege.
    c) in a standard account: got message "We're UIAccess" without UAC prompt, apparently indicating elevation of privilege!

    If there really is elevation of privilege in c), then I don't understand why Microsoft won't fix it?!

    More info:
    User Account Control: Only elevate UIAccess applications that are installed in secure locations
    Security Considerations for Assistive Technologies
    Breaking the Broker
     
    Last edited: Jun 17, 2015
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From Passive UAC Elevation:
    Mentioned on Twitter: https://twitter.com/malwaretechblog/status/530798290309505024.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.