12 March 2015
The post ‘Bypassing Windows User Account Control (UAC) and ways of mitigation’ is definitely worth reading. It shows how easily User Account Control (UAC) in Windows 7 can be bypassed.
Once a single computer is compromised, an attacker has enough time to search for the next victim in the network. Eventually, when he finds a Windows 7 computer where a domain admin logs on, it ends in a Sony-like disaster.
From a technical point of view mitigation is really easy:
- Remove whatever privileges from the users.
- Set UAC to ‘Always notify me’, even for administrators.
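
To check whether a machine is actually set to ‘Always notify’, the UAC policy values in the registry can be audited. The PowerShell below is an added example, not part of the original post; the function name `Get-UacLevel` is hypothetical, and the level names follow the UAC slider in Control Panel.

```powershell
# Added example: report the UAC prompt level of the local machine.
# The slider in Control Panel writes these three values under the key below.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {
    # Hypothetical helper: maps the raw registry values to a slider level.
    param(
        [int]$EnableLUA,
        [int]$ConsentPromptBehaviorAdmin,
        [int]$PromptOnSecureDesktop
    )
    if ($EnableLUA -eq 0) { return 'UAC disabled' }
    switch ($ConsentPromptBehaviorAdmin) {
        0 { return 'Never notify' }
        2 {
            if ($PromptOnSecureDesktop -eq 1) { return 'Always notify' }
            return 'Always notify (no secure desktop)'
        }
        5 {
            if ($PromptOnSecureDesktop -eq 1) { return 'Default' }
            return 'Default (no secure desktop)'
        }
        default { return "Other (ConsentPromptBehaviorAdmin=$ConsentPromptBehaviorAdmin)" }
    }
}

# A value that is missing from the key is read as 0 by the [int] parameters.
$p = Get-ItemProperty -Path $UacKey
$level = Get-UacLevel -EnableLUA $p.EnableLUA `
                      -ConsentPromptBehaviorAdmin $p.ConsentPromptBehaviorAdmin `
                      -PromptOnSecureDesktop $p.PromptOnSecureDesktop

# One object per machine, so the result can be collected and compared.
New-Object PSObject -Property @{
    Computer     = $env:COMPUTERNAME
    UacLevel     = $level
    AlwaysNotify = ($level -eq 'Always notify')
}
```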
But these are very unpopular measures. User acceptance is very low, as is business support. Therefore IT groups are always interested in highly sophisticated and expensive solutions that keep the business impact as low as possible.
IT security is to a large extent a matter of leadership …
That’s it for today!