It seemed only hours ago Microsoft stood by their decision not to change the UAC control panel behavior in Windows insisting it was “by design”. Oh wait, it was only hours ago. Nevertheless, three hours and numerous comments later, Microsoft reversed their decision for the better of all Windows 7 users. The Engineering 7 blog writes,
The result is actually even slightly better than what I had hoped for. I originally proposed a secure confirmation to be displayed when the UAC level is changed, but Microsoft one-upped that proposal to also run the UAC control panel in high-integrity which means malicious applications cannot manipulate the user-interface of that window without first elevating itself.
All I want to say is thank you to everyone who took the time out to thoroughly understand the issue at hand and continued to spread the message in a constructive and meaningful manner. At the same time I also want to acknowledge everyone who may have disagreed with our opinions for also being constructive.
The day I posted my original article I had lost my ADSL internet connection, and still to this day it is down. So Microsoft, if you disconnected my internet, I’d like to have it back now please.
Update: I’d also like to reiterate, until the RC build of Windows 7 is available, everyone using the Windows 7 Beta should change their UAC setting to “max” to ensure they are safe from either UAC vulnerabilities.
All I want to say is thank you to everyone who took the time out to thoroughly understand the issue at hand and continued to spread the message in a constructive and meaningful manner. At the same time I also want to acknowledge everyone who may have disagreed with our opinions for also being constructive.
The day I posted my original article I had lost my ADSL internet connection, and still to this day it is down. So Microsoft, if you disconnected my internet, I’d like to have it back now please.
Update: I’d also like to reiterate, until the RC build of Windows 7 is available, everyone using the Windows 7 Beta should change their UAC setting to “max” to ensure they are safe from either UAC vulnerabilities.
没有评论:
发表评论