Problems? See this thread at archive.org.
Well, in the piece by Russinovich that you quote in your signature, Mark makes a point of emphasizing that UAC is in fact not so much about security as it is about convenience (of allowing the user to easily switch to elevated privileges when necessary). Like I said, I have been running WinNT-type OSes strictly as a standard user for almost ten years now, with excellent success. There's been only two caveats:
First, you have to have a minimal understanding of what it is you are doing, so that you understand which kind of applications need to be run with administrative rights. Otherwise, in WinXP and below, all you would get is either a somewhat cryptic "permission denied" message, or even strange failures of certain applications.
Secondly, you have to make a point of only using applications that are, in fact, Windows-compatible. It is worth pointing out that the corresponding guidelines for software developers have been out for more than a decade now, and it is therefore inexcusable, and a scandal when you have user-mode applications that require elevated privileges (because they blithely write files and settings into protected system areas, something that no real operating system can allow to happen). Whenever I encountered such software, I would contact the developer and tell them their software is not compatible with Windows, and that I will not use or pay for it until the problem is fixed. Fortunately, for a number of years now practically all software made by reputable developers meets Windows compatibility guidelines, and runs just fine for a standard user. Heck, by now even the newest version of Quicken works as it should...
Now, unfortunately in my opinion, but quite understandably on the other hand, when designing Vista Microsoft caved in to the reality of quite a few programs (and games, in particular) out there still acting like they would run on a DOS box, with no security of any kind. They did the right thing on the one hand, of making the Standard User the default user type, but added UAC to make this more palatable, and on top of that (huge mistake IMHO) added file system and registry virtualization. So, did that really help make Windows more secure?
Well, I'd venture a guess that the majority of Vista users run with administrative user accounts, and many have UAC disabled. Of course, the combination of these two actions means that in one fell swoop, these users have effectively disabled the security of their OS completely. With these two modifications, their computer has about the same security as a DOS machine, namely none at all. Of course, these "power users" then add a half dozen or so anti-this and anti-that programs to their system to make it "secure", not realizing that the security they gain by this is almost negligible compared to what they destroyed... It would take me, or anybody even vaguely familiar with Windows, no more than five minutes to write a little script that can completely and irrepairably destroy such machines within fractions of a second, without so much as a peep from any of the anti-virus or anti-malware programs out there...
-
Well, processes that are already elevated can basically do whatever they want without requiring any new elevation. And if the user doesn't know what UAC is and just clicks "Continue" each and every time, that won't help anything.
Compared to the "new" implementation, there are some more problems. For instance, applications that have lower rights could simply communicate with windows of applications with higher rights and tell them what to do, if I remember that right.
I'm not quite sure, but if I remember that right, they initially planned to remove the file system and registry virtualization after some time. If they hadn't built it in, Vista would have been highly incompatible to existing Windows applications, so they had to. That's Microsoft's past hitting them now.
Not that they'd care about past mistakes unless their existence was in danger...
I don't think the majority of Vista users using an adminstrative account with UAC disabled (I still think the majority doesn't know what it is, has it enabled because it had been enabled right out of the box and just clicks Continue every time), but either way, it can't be said often enough that anti-virus and/or anti-spyware have gotten less and less effective in the past.
Ah, I see, you already got that right. The only thing I was talking about just was that you can never be 100% sure (although you can get extremely close). I just get an odd feeling every time I hear/read somebody saying/writing: "I have never had a single Virus within the past so many months/years/whatever timeframe".
Sorry, but that is wrong.
First of all, software flaws that may be used by attackers to run arbitrary code (regardless of the kind of security flaw) aren't always fixed as soon as they are discovered, for various reasons.
Second (and most important): what you are talking about is Worms. They had often spread via holes in default operating system services that are listening to the outside. In Vista, the chance of successful exploitation of such holes has decreased compared to its predecessors, due to various reasons, for instance ASLR, Service hardening ( Wikipedia:Hardening_(computing)) and DEP (DEP is available with XP SP2 and up).
Buffer overflows on general are indeed one of the biggest security problems, not only in components of operating systems. For instance http://www.mozilla.org/security/announce/2008/mfsa2008-34.html:
MZ Vista Force (Tweaking Guide)
Discussion in 'Windows OS and Software' started by MaXimus, Jun 1, 2009.
