Windows 7: Release Candidate 1 Preview
by Ryan Smith and Gary Key on May 5, 2009 11:00 PM EST- Posted in
- Systems
Reworking UAC
Predictably, one of the most common complaints about Vista was the User Access Control (UAC) feature, which firmly established a real degree of security in Vista by blocking applications from attaining administrator-level privileges by default. It was something that was long overdue for Windows given how easy it is to compromise a machine when everything runs with admin privileges, but that doesn’t mean it was taken well.
Half of the problem going into Vista’s release was that few applications were coded following best security practices, even though Microsoft had been recommending such a thing for years, and such practices were necessary for applications to work correctly under limited user accounts. With so many poorly coded applications misbehaving under Vista until they were brought up to spec by their developers, it left a bad taste in the mouths of many. Compounding the problem was that Vista’s UAC implementation was not streamlined very well, resulting in redundant notices. Microsoft resolved some of the streamlining issues in Vista SP1, but this never completely satisfied users who were expecting a more XP-like (and insecure) experience.
With Windows 7 we have an attempt at a compromise, which is a noble intention by Microsoft, but leaves us concerned about the security implications. Previously UAC could only be turned on or off (Group Policy settings not withstanding), which would sometimes result in unhappy users shutting it off and giving up most of Vista’s security abilities in the process. With Windows 7, UAC has now been divided up into four levels: Off, followed by three levels of increasingly strong security. Level 3 is the equivalent of Vista’s UAC mode, meanwhile Level 2 is the default setting for Windows 7. With Level 2, certain signed Microsoft applications (basically most of the Control Panel apps) are allowed to elevate to administrator privileges without needing user confirmation. The working belief here is that most people are encountering most of their UAC prompts when initially configuring Windows, and if they didn’t encounter those early prompts they would have no great reason to turn UAC off entirely, particularly since 3rd party applications are so much better behaved these days.
The UAC Control Panel With Level Slider
Hence the compromise is that UAC prompts are disabled, but only for the Control Panel apps, meanwhile all other regular apps are still controlled by UAC as normal. The concern we have with this compromise is that with applications allowed to auto-elevate from user to administrator, it creates a potential local privilege escalation exploit. For Beta 1, a proof of concept exploit was put together that used rundll32 to disable UAC entirely without informing the user or requiring their intervention. In return Microsoft removed the UAC control panel from the auto-elevating list so that any direct attempts to manipulate it still require user intervention. This blocked the proof of concept exploit while maintaining all the other benefits of Level 2 UAC. It should be noted however that similar exploits could still work with Level 1, as it’s Level 2 without the secure desktop screen (thereby allowing apps to fake pressing the Allow button).
At this point it remains to be seen if Level 2 could be exploited in a similar manner, such as by breaking out of another auto-elevated application and attacking UAC from there. The fact that it leaves an obvious potential attack vector open leaves us leery of Level 2. Microsoft had the security situation right in the first place with Level 3/Vista, and it may have been better if it stayed that way.
With that said, Level 2 does what it’s advertised to do. Compared to Level 3/Vista, you’re going to get far fewer UAC prompts when messing with Windows’ settings. Undoubtedly it won’t satisfy those who absolutely abhor UAC, but at some point Microsoft has done everything they can.
Quickly, the other security element that was reworked for Windows 7 is the Security Center, which has been expanded and renamed the Action Center. Besides being a one-stop-shop for various Windows security features, now it is also home to an overview of system maintenance tasks and troubleshooting help. This doesn’t significantly change the functionality of the Action Center, and the biggest change that most people will notice is the GUI.
The Windows 7 Action Center
Facebook
Twitter
RSS
121 Comments
View All Comments
nubie - Thursday, May 7, 2009 - link
I have the W7 Beta, and it wouldn't install off of a SATA Optical Drive onto a PATA HDD.Weirdest problem I have ever seen, couldn't even see the Optical drive once 'windows' the (pre-installation environment) had loaded.
I guess I needed to load RAID drivers? Seems annoying to let it boot the install without drivers, and then hang when attempting the install off media it just booted from.
It isn't "Terrible", but it ain't quick neither. I hope it gets better, but it still doesn't have the lean and mean feel of a good fresh 2000 SP4 install, or even XP SP2/3. (dual core 2.4Ghz 2GB DDR2-800 8600GTS)
Maybe I need an SSD?
nowayout99 - Thursday, May 7, 2009 - link
Random question from an XP user. ;)I mostly like RC1. I was able to customize the UI enough to be mostly satisfied with it, except for one setting.
In XP, when you navigate the Start menu folders, the different folders cascade from left to right. Example: Start > Programs > System Tools > Backup. You know the drill.
In RC1, each folder overlaps the previous, and you have to use forward/back buttons to backtrack. I find this annoying actually. I prefer XP's workflow. Is there a setting where I can make the folders function like XP?
Morgifier - Wednesday, May 6, 2009 - link
Thanks for the excellent article guys, covered practically everything I wanted to know about the RC before taking the plunge myself and formatting my hard drive for the install.Cheers!
heavyglow - Wednesday, May 6, 2009 - link
"Multiple GDI applications can now issue commands to it at the same time, and this is all pushed off to the video card to be its problem."I'm pretty sure this means that alt-tabing from a game to desktop will be quicker. :)
sample626 - Wednesday, May 6, 2009 - link
It's all good, but Windows XP x64 is not an XP. It is based on Win 2003 Server core and share's the same updates (so there is no Win XP x64 SP3)It doesn't reflect the real XP performance and it's not that good from compatibility view. The most common OS switch would probably be Win XP x32 -> Vista x32/64 ?-> Win7 646432/64
JimmyJimmington - Wednesday, May 6, 2009 - link
Anyone know how to get hardware accelerated video decoding in windows 7. I've gone through a couple guides with no luck so far.brian26 - Wednesday, May 6, 2009 - link
Seriously, fuck off with the apple loving bullshit. Mac os isnt competing against Microsoft, if they did they would have their asses handed to them by the mass public complaining nothing works. They build their os for a specific set of hardware.. thats like making a fucking Operating system for a console. Until they have the balls to step out and compete against Microsoft in the OS department and drop their over priced proprietary bullshit then they can fucking burn down for all I care. So stop putting them on the table like they even matter. Its been 5 minutes you better go fucking check to see if steve jobs is in the hospital again hadnt you bitch ?strikeback03 - Wednesday, May 6, 2009 - link
You're late - the people claiming Anandtech has a MS bias got in on the first few pages of comments.Lexington02 - Wednesday, May 6, 2009 - link
He is not late, he is claiming otherwise to the other people who think that Anandtech is MS loving while this dude is claiming to be Apple loving. I wonder, which is true... Apple lovers or Microsoft lovers...Lexington02 - Wednesday, May 6, 2009 - link
He is not late, he is claiming otherwise to the other people who think that Anandtech is MS loving while this dude is claiming to be Apple loving. I wonder, which is true... Apple lovers or Microsoft lovers...