Symantec: Vista UAC Prompts Cannot be Trusted

ambr00sio writes: "Symantec researcher Ollie Whitehouse has is warning that the UAC prompts in Windows Vista cannot be trusted to provide the end user with reliable warnings. In one potential attack scenario, Whitehouse showed how UAC privilege elevation prompts can look like it's coming from Microsoft Windows — when in fact the user is being asked to authorize admin rights for malicious code. Also see Slashdot's previous coverage of UAC design and implementation flaws."