"An independent security researcher has released details on a two-stage malware attack against Windows Vista to show how easy it is for non-privileged code to replace shortcuts on the Start Menu and intercept UAC (User Account Control) privilege elevation prompts.
Rob Paveza’s proof-of-concept (.pdf) uses a regular Trojan horse program as a “proxy infection tool” that does not prompt for a UAC roadblock warning because it doesn’t make any suspicious system changes."
Click on the link below for the full article:
http://blogs.zdnet.com/security/?p=203
No comments:
Post a Comment