It seemed only hours ago that Microsoft stood by its decision not to change the UAC control panel behavior in Windows, insisting it was “by design”. Oh wait, it was only hours ago. Nevertheless, three hours and numerous comments later, Microsoft reversed that decision, to the benefit of all Windows 7 users. The Engineering 7 blog writes,
…we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.
The result is actually slightly better than what I had hoped for. I originally proposed that a secure confirmation be displayed whenever the UAC level is changed, but Microsoft one-upped that proposal by also running the UAC control panel at high integrity. Because User Interface Privilege Isolation blocks window messages and synthesized input sent from a lower-integrity process to a higher-integrity window, a malicious application running at medium integrity can no longer drive that window's user interface (the SendKeys trick) without first elevating, and elevating is exactly what triggers the prompt it was trying to avoid.
All I want to say is thank you to everyone who took the time out to thoroughly understand the issue at hand and continued to spread the message in a constructive and meaningful manner. At the same time I also want to acknowledge everyone who may have disagreed with our opinions for also being constructive.
The day I posted my original article I had lost my ADSL internet connection, and still to this day it is down. So Microsoft, if you disconnected my internet, I’d like to have it back now please.
Update: I’d also like to reiterate that, until the RC build of Windows 7 is available, everyone using the Windows 7 Beta should change their UAC setting to “max” (Always notify) to ensure they are safe from both of the UAC issues discussed.
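For anyone who wants to verify that the Beta machine really is at the “max” setting rather than trusting the slider, the following PowerShell script is an added example (it is not from the original post or from Microsoft). It reads the registry values the UAC control panel writes under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System and compares them with the values that correspond to “Always notify”: EnableLUA = 1, ConsentPromptBehaviorAdmin = 2 and PromptOnSecureDesktop = 1. The -Fix switch is my own addition and needs an elevated prompt, since writing to that key requires administrator rights.

```powershell
# Added example, not part of the original post: report whether the Windows 7
# UAC slider is at its maximum ("Always notify") and optionally set it there.
# Run "powershell -File Check-UacLevel.ps1" to report, add -Fix (elevated) to correct.
param([switch]$Fix)

$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Registry values written by the control panel for the "Always notify" position.
$expected = @{
    'EnableLUA'                  = 1  # UAC enabled at all; changing this needs a reboot
    'ConsentPromptBehaviorAdmin' = 2  # prompt for consent on every elevation, not only non-Windows binaries
    'PromptOnSecureDesktop'      = 1  # show the prompt on the secure desktop, which other processes cannot drive
}

$current = Get-ItemProperty -Path $key

$rows = @()
foreach ($name in $expected.Keys) {
    $actual = $current.$name
    $rows += New-Object PSObject -Property @{
        Name     = $name
        Expected = $expected[$name]
        Actual   = $actual
        Ok       = ($actual -eq $expected[$name])
    }
}
$rows | Select-Object Name, Expected, Actual, Ok | Format-Table -AutoSize

$wrong = @($rows | Where-Object { -not $_.Ok })
if ($wrong.Count -eq 0) {
    Write-Host 'UAC is at the maximum level (Always notify).'
} else {
    Write-Warning 'UAC is NOT at the maximum level.'
    if ($Fix) {
        foreach ($row in $wrong) {
            Set-ItemProperty -Path $key -Name $row.Name -Value $row.Expected -Type DWord
        }
        Write-Host 'Values updated. A change to EnableLUA only takes effect after a reboot.'
    } else {
        Write-Host 'Re-run with -Fix from an elevated prompt to set the maximum level.'
    }
}
```

Reading the key works from a normal prompt, so the check itself is safe to put in a logon script; only the -Fix path needs elevation, and that prompt appearing is itself a sign the secure-desktop setting is doing its job.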