Skip to main content
Super User

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

5
  • Haven't these 2 exploits been fixed in Windows 7 RTM? The articles seem to be dated 2009 and before W7 RTM was released. See this post for more information: blogs.msdn.com/b/e7/archive/2009/02/05/…
    – Joe Schmoe
    Commented Jan 19, 2014 at 21:21
  • As I read the blog entry you linked to, they've just made sure that changing UAC level, will trigger UAC confirmation too (which sounds sensible). As per Leo's website (which I linked to): "Everything below still applies to the final retail release of Windows 7 (and all updates as of 14/Sep/2011)". I know lots of patches have been released since, but it doesn't sounds like it's considered a security hole and MS may not want to patch it ("this behavior is by design")?
    – abstrask
    Commented Jan 19, 2014 at 21:41
  • Yes, you are correct. I missed that important part - that it still applies as of 2011. I really should have paid more attention.
    – Joe Schmoe
    Commented Jan 19, 2014 at 21:46
  • The link to the informative post on the Windows blog is dead now. I have updated the link so it points to the last crawl at archive.org
    – abstrask
    Commented Aug 20, 2014 at 9:56
  • As of today there is an option in Windows 10 to disable UAC auto-elevation, which will show the prompt for every admin task.
    – Hey
    Commented May 24, 2017 at 12:43