Sunday, December 30, 2007

"Very Severe Hole" In Vista UAC Design


Cuts and bruises writes "Hacker Joanna Rutkowska has flagged a 'very
severe hole' in the design of Windows Vista's User Account Controls
(UAC) feature. The issue is that Vista automatically assumes that all
setup programs (application installers) should be run with
administrator privileges -- and gives the user no option to let them
run without elevated privileges. This means that a freeware Tetris
installer would be allowed to load kernel drivers. Microsoft's Mark
Russinovich acknowledges the risk factor but says it was a 'design
choice' to balance security with ease of use."
