Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Windows

Submission + - Beyond Trust Warns that UAC is Still Broken. (reuters.com) 2

twitter writes: "Enterprise users looking for a reason to upgrade from XP will be disappointed with Windows 7 security issues. BeyondTrust, a Least Privilege Management provider for Windows, warns that UAC changes are ineffective and not up to Federal regulations.

Despite growing CSO and CISO recognition of the need to deploy end-users as standard users, and requirements by the Federal Government for the removal of administrator rights under the Federal Desktop Core Configuration (FDCC) mandate, Windows 7 includes no significant changes to UAC for standard users.

"For enterprises, there is little benefit to the changes to User Account Control in Windows," said John Moyer, CEO of BeyondTrust. "Windows 7 introduces cosmetic changes to reduce the prompts that plagued Vista, but it does nothing to fix the underlying productivity and usability problems for standard users... Windows 7`s UAC slider puts end-users in charge of the security decision of what to run with administrative privileges, which is essentially an invitation for malicious users, hackers and malware."

It is amazing that Microsoft can not do what Unix and every gnu/linux distribution has done for decades, provide real user privilege separation. Where these are provided, it is easy to add GUI front ends like kdesu, so that authentication is simple and painless for the few times it is needed."

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Beyond Trust Warns that UAC is Still Broken.

Comments Filter:

"When the only tool you have is a hammer, you tend to treat everything as if it were a nail." -- Abraham Maslow

Working...