The storm seems to have subsided once again regarding UAC in Windows 7. Microsoft announced that they've fixed the problem and the world is content with that explanation. Personally, I think it might be the eye of the storm because I know there must be a security researcher or two waiting to once again find a "HUGE security flaw in Windows 7 UAC": http://i.gizmodo.com/5142837/huge-security-flaw-in-windows-7-user-account-control?skyline=true&s=x
Like I said, I'm really impressed with the sensationalism that ran rampant through this story. If I may critique Zheng's technical technique for a moment - personally, rather than writing a script to send key strokes, I probably would have just written an accessibility application and used the window's COM interfaces to just move the slider. After all, it's a feature in Windows that was specifically designed to programatically interact with UI...
Well...here's to RC1...I'm hoping that people come to understand that UAC is about the Standard User experience, not the superficial security provided by the prompt. But I assure you that I'll be tuning in to Jon and Steven as they progress through their UAC PR experience...
Posted
Feb 17 2009, 01:06 AM
by
Chris Corio