Thursday, 25 November 2010

Zero-day flaw allows an attacker to impersonate the system account and bypass UAC

Here’s a good example of why implementing standard user accounts isn’t enough to secure your desktop systems. Occasionally bugs are found in Windows that allow privilege escalation – or in other words, permit a standard user to elevate to a higher set of privileges.

One such flaw has recently been disclosed and is outlined by Sophos on their Naked Security blog. Additional layers of security, such as application whitelisting and antivirus should help to mitigate the threat, or alternatively you can implement the workaround outlined in the blog post.

Hopefully it won’t be too long before Microsoft provides a patch. Looking at the workaround outlined by Sophos, it looks like this hole should be relatively trivial to plug.