[cap-talk] Another UAC Confused Deputy
Toby Murray
toby.murray at comlab.ox.ac.uk
Wed Feb 4 16:01:28 EST 2009
Hi cap-talk,
Windows 7's UAC implementation (like Vista's [1]) is vulnerable to a
confused deputy attack [2] that stems from the ambient authority granted
to signed executables to bypass it. Some of these, like
RunLegacyCPLElevated.exe from Vista are confused deputies.
http://www.theregister.co.uk/2009/02/04/windows_uac_flaw/
The evidence is mounting that all non-trivial IBAC systems will contain
confused deputies, my nitpicking about technicalities with David-Sarah
notwithstanding.
Cheers
Toby
[1]
http://web.comlab.ox.ac.uk/people/Gavin.Lowe/Papers/analysing_authority.pdf
[2] http://www.theregister.co.uk/2009/02/04/windows_uac_flaw/
More information about the cap-talk
mailing list