2009/2/6 Miller Grey <[email protected]> > ...knowing all this, how does it get fixed? What is the proper way for MS > to enforce UAC? >
They need to put a version of UAC in place that will alert the user when a process is trying to make a change that weakens the overall security posture of the box. They need *only* alert the user when this change is with malicious intent. They need to elimiate all false positives. Good luck with that.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
