Vulnerability Development mailing list archives
RE: Windows Vista winsat.exe Integer Overflow
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Wed, 2 Apr 2008 13:39:36 -0700
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Valdis.Kletnieks () vt edu
Sent: Sunday, March 30, 2008 8:52 PM
To: Steve Shockley
Cc: vuln-dev () securityfocus com
Subject: Re: Windows Vista winsat.exe Integer Overflow

On Fri, 28 Mar 2008 23:03:55 EDT, Steve Shockley said:
> You'd still have to convince the user to bypass UAC when he wasn't expecting a UAC prompt, in addition to getting them to run it in the first place.

Experience has proved that neither of these should be all that difficult for an attacker - an incredibly large percentage of users will go ahead and run a .exe, clicking through multiple security warnings, if it promises to do something interesting (usually having to do with somebody famous wearing too little clothing while misbehaving...)
Right - however, by default, you only get the UAC "prompt for consent" when you are *already* running as admin. A normal user would have to input the administrator username and password to continue the installation. Of course you can require even the administrator to enter username and password, and can even make non-administrative requests for elevation automatically fail. So, if you have someone who is going to run as administrator anyway, download the untrusted .exe, execute it, and then confirm the execution of the program without concern for what happens, we can't really fault the OS for that at this point in the game.

t
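The UAC elevation behaviour Thor describes (consent prompt for admins by default, credential prompt for standard users, optionally credentials for admins too and automatic denial for standard users) is controlled by policy values in the registry. The following PowerShell script is an added example, not code from the thread or its participants: it reads those values and checks them against a stricter baseline; the value names and meanings are the documented Windows UAC policy settings, while the "hardened baseline" it tests for is an assumption chosen for illustration.

```powershell
# Added example: audit the UAC elevation policy described in the thread.
# Registry key and value names are the documented UAC policy settings;
# the hardened baseline below is an assumption, not a Microsoft default.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# ConsentPromptBehaviorAdmin: what happens when an administrator elevates
$adminBehavior = @{
    0 = 'Elevate without prompting'
    1 = 'Prompt for credentials on the secure desktop'
    2 = 'Prompt for consent on the secure desktop'
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries'
}
# ConsentPromptBehaviorUser: what happens when a standard user requests elevation
$userBehavior = @{
    0 = 'Automatically deny elevation requests'
    1 = 'Prompt for credentials on the secure desktop'
    3 = 'Prompt for credentials'
}

function Get-UacElevationPolicy {
    $p = Get-ItemProperty -Path $uacKey
    $admin = [int]$p.ConsentPromptBehaviorAdmin
    $user  = [int]$p.ConsentPromptBehaviorUser
    [pscustomobject]@{
        EnableLUA     = [int]$p.EnableLUA           # 1 = UAC enabled
        AdminBehavior = "$admin = $($adminBehavior[$admin])"
        UserBehavior  = "$user = $($userBehavior[$user])"
    }
}

# Assumed hardened baseline: UAC on, admins must type credentials on the
# secure desktop, standard-user elevation requests are denied outright.
function Test-UacHardened {
    $p = Get-ItemProperty -Path $uacKey
    $findings = @()
    if ([int]$p.EnableLUA -ne 1) { $findings += 'UAC (EnableLUA) is disabled' }
    if ([int]$p.ConsentPromptBehaviorAdmin -ne 1) { $findings += 'Admins are not required to enter credentials on the secure desktop' }
    if ([int]$p.ConsentPromptBehaviorUser -ne 0) { $findings += 'Standard-user elevation requests are not automatically denied' }
    if ($findings.Count -eq 0) { return 'UAC policy matches the assumed hardened baseline' }
    return $findings
}

Get-UacElevationPolicy
Test-UacHardened
```

Reading the key works as any user; changing these values requires administrative rights and is normally done through Group Policy (Security Options) rather than by writing the registry directly.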