Vuln Dev
Windows Vista winsat.exe Integer Overflow Mar 28 2008 08:08PM
jose eyeos org (1 replies)
Re: Windows Vista winsat.exe Integer Overflow Mar 29 2008 03:03AM
Steve Shockley (steve shockley shockley net) (1 replies)
Re: Windows Vista winsat.exe Integer Overflow Mar 31 2008 03:52AM
Valdis Kletnieks vt edu (1 replies)
RE: Windows Vista winsat.exe Integer Overflow Apr 02 2008 08:39PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)

> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com
> [mailto:listbounce (at) securityfocus (dot) com] On Behalf Of
> Valdis.Kletnieks (at) vt (dot) edu
> Sent: Sunday, March 30, 2008 8:52 PM
> To: Steve Shockley
> Cc: vuln-dev (at) securityfocus (dot) com
> Subject: Re: Windows Vista winsat.exe Integer Overflow
>
> On Fri, 28 Mar 2008 23:03:55 EDT, Steve Shockley said:
>
> > You'd still have to convince the user to bypass UAC when he wasn't
> > expecting a UAC prompt, in addition to getting them to run it in the
> > first place.
>
> Experience has proved that neither of these should be all that
> difficult for an attacker - an incredibly large percentage of users
> will go ahead and run a .exe, clicking through multiple security
> warnings, if it promises to do something interesting (usually having to
> do with somebody famous wearing too little clothing while
> misbehaving...)

Right - however, by default, you only get the UAC "prompt for consent"
when you are *already* running as admin. A normal user would have to
input the administrator username and password to continue the
installation. Of course you can require even the administrator to enter
username and password, and can even make non-administrative requests for
elevation automatically fail.

So, if you have someone who is going to run as administrator anyway,
download the untrusted .exe, execute it, and then confirm the execution
of the program without concern for what happens, we can't really fault
the OS for that at this point in the game.

t

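An added example, not part of the thread and not code from any of the posters: a read-only PowerShell audit of the UAC elevation-prompt policy Thor describes above. The registry key and the value names (EnableLUA, ConsentPromptBehaviorAdmin, ConsentPromptBehaviorUser, PromptOnSecureDesktop) are the standard UAC policy settings; the thread does not name them, so their use here is an assumption on the reader's system. The two hardening writes at the end match the post's "require even the administrator to enter username and password" and "make non-administrative requests for elevation automatically fail", and are left commented out so the script itself only reads.

```powershell
# Added example: audit the UAC elevation-prompt policy discussed in the thread.
# Assumption: these are the standard UAC policy values under the System policy key
# (they are not named in the original post). Works on PowerShell 2.0 and later.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# ConsentPromptBehaviorAdmin: what a member of Administrators sees when a program asks to elevate
$adminBehaviour = @{
    0 = 'Elevate without prompting'                     # weakest possible setting
    1 = 'Prompt for credentials on the secure desktop'  # password required
    2 = 'Prompt for consent on the secure desktop'      # Vista default: a click is enough
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries'
}

# ConsentPromptBehaviorUser: what a standard user sees when a program asks to elevate
$userBehaviour = @{
    0 = 'Automatically deny elevation requests'         # the "automatically fail" option from the post
    1 = 'Prompt for credentials on the secure desktop'
    3 = 'Prompt for credentials'                        # Vista default: admin username and password
}

# Read one policy value; $null means the value is absent and the OS default applies.
function Get-UacValue {
    param([string]$Name)
    $item = Get-ItemProperty -Path $uacKey -Name $Name -ErrorAction SilentlyContinue
    if ($item -eq $null) { return $null }
    return [int]$item.$Name
}

function Get-UacPolicy {
    return @{
        EnableLUA                  = Get-UacValue 'EnableLUA'
        ConsentPromptBehaviorAdmin = Get-UacValue 'ConsentPromptBehaviorAdmin'
        ConsentPromptBehaviorUser  = Get-UacValue 'ConsentPromptBehaviorUser'
        PromptOnSecureDesktop      = Get-UacValue 'PromptOnSecureDesktop'
    }
}

function Describe-Setting {
    param([hashtable]$Table, $Value)
    if ($Value -eq $null)       { return '(not set; OS default applies)' }
    if ($Table.ContainsKey($Value)) { return $Table[$Value] }
    return "(unknown value $Value)"
}

# Return the list of weak settings found, so the result can be reviewed or logged.
function Test-UacPolicy {
    param([hashtable]$Policy)
    $findings = @()
    if ($Policy.EnableLUA -eq 0) {
        $findings += 'UAC is disabled (EnableLUA = 0): administrators run fully elevated with no prompt.'
    }
    if ($Policy.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'Administrators elevate silently (ConsentPromptBehaviorAdmin = 0).'
    } elseif (@(2, 4, 5) -contains $Policy.ConsentPromptBehaviorAdmin) {
        $findings += 'Administrators only click through a consent dialog; values 1 or 3 require the password too.'
    }
    if ($Policy.ConsentPromptBehaviorUser -ne 0) {
        $findings += 'Standard users can still elevate by typing admin credentials; 0 makes such requests fail.'
    }
    if ($Policy.PromptOnSecureDesktop -eq 0) {
        $findings += 'Prompts are not shown on the secure desktop, so other running programs can interact with them.'
    }
    return $findings
}

$policy = Get-UacPolicy
"Admin prompt : " + (Describe-Setting $adminBehaviour $policy.ConsentPromptBehaviorAdmin)
"User prompt  : " + (Describe-Setting $userBehaviour  $policy.ConsentPromptBehaviorUser)
Test-UacPolicy $policy | ForEach-Object { "WARNING: $_" }

# Hardened configuration from the post (run from an elevated prompt to apply; left commented out here):
# Set-ItemProperty -Path $uacKey -Name ConsentPromptBehaviorAdmin -Value 1   # admins must enter credentials
# Set-ItemProperty -Path $uacKey -Name ConsentPromptBehaviorUser  -Value 0   # non-admin elevation requests fail
```

The audit separates "value absent" from "value zero" on purpose: a missing ConsentPromptBehaviorUser means the Vista default (prompt for credentials) is in force, not auto-deny, and treating $null as 0 would report the box as hardened when it is not. Group Policy (Security Options, "User Account Control: ...") writes these same values, so the script also shows what a domain policy has actually applied.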
Re: Windows Vista winsat.exe Integer Overflow Apr 03 2008 02:33AM
Valdis Kletnieks vt edu