18 May 2007

Defeating UAC with a two-stage malware attack

"An independent security researcher has released details on a two-stage malware attack against Windows Vista to show how easy it is for non-privileged code to replace shortcuts on the Start Menu and intercept UAC (User Account Control) privilege elevation prompts.

Rob Paveza’s proof-of-concept (.pdf) uses a regular Trojan horse program as a “proxy infection tool” that does not prompt for a UAC roadblock warning because it doesn’t make any suspicious system changes."

Click on the link below for the full article:


No comments: